Data Privacy & Security Standards

Frequently Asked Questions

Q1 - Once a document is submitted & it passes through the ML engine, and the appropriate data points are extracted. Is there any human intervention at the end of NanoNets?

Ans - No, there is no human intervention on any of the models, unless requested.

Q2 - Where does all the uploaded data reside?

Ans - All uploaded data resides in customer-specific S3 buckets, accessible only by the customer.

Q3 - What are the access controls on the servers that store that?

Ans - Access is controlled by system admin, with MFA & logs in place. Passwords are frequently changed as a security measure.

Q4 - Is the data encrypted?

Ans - We take data encryption very seriously -

Data in Transit - Encrypted with HTTPS (SHA-256 with RSA Encryption) 

Data at Rest - Can be encrypted with AES-256 encryption on request

Q5 - Where are your servers located?

Ans - We have instances running on the three major cloud service provides - AWS, GCP, Azure. We can host your data in your choice of location.

Q6 - Are you GDPR compliant?

Ans - Yes, we are 100% GDPR compliant.

Q7 - Are you OK signing DPAs with your customers?

Ans - Yes, we are completely fine with it.

Q8 - Are you OK signing BAAs with your customers?

Ans - Yes, we are completely fine with that. 

Was this article helpful?