blur, chart, computer-1853262.jpg

General considerations for Information and Data Security

At REEID GCE, personal data are held about customers, staff, and the public. The Company needs to hold information about its customers and staff for reasons which include, but are by no means limited to, the following:
– Archiving financial records
– Archiving projects records
Data may also be held on other individuals, such as candidates, visitors to the Company, suppliers, employees of other organizations who are involved in our projects.
REEID GCE is required to have policies and procedures in place to ensure compliance with its obligations under the relevant legislations that extend across its customers, staff, and the activities of the company.
Our policies are listed below and can be downloaded in PDF format

How we are protecting your data and our resources

We are taking extraordinary care of your data and own resources. We understand that some of your documents and information shall be kept out of sight of unprivileged individuals, and/or robots. Following are the safety controls and methodology deployed across our business units:

  1. We don’t use cloud based storage services (Google, Dropbox etc.) for sensitive data
  2. We don’t use outsourced SMT (Statistical Machine Translation Engines) unless specified otherwise by Customer
  3. We don’t Build, Train, and Deploy Machine Learning systems and process datasets with use of cloud based third parties engines unless specified otherwise by Customer
  4. We are using only encrypted transmission protocols for external communication or between our production offices and company data centers
  5. Strong files encryption within local storages and Distributed DMS
  6. Robust access privileges to our online platforms (profiles, roles, sharing rules)
  7. Access control via RBAC. The privilege model is designed to provide granular control over what users can see and do, ensuring that sensitive information is protected and that users have access only to the data and functions necessary for their roles
  8. MFA authentication for all access to sensitive data
  9. Data destruction and disposal procedure in place
  10. Intrusion prevention system
  11. Multilayer data loss prevention (DLP) systems and procedures in place
  12. Data anonymization procedures (important while outsourcing projects)
  13. Regular Security & Confidentiality Audits
  14. Data Centers in Europe and Asia (depending on data security requirements, certain DC is selected)
  15. Full GDPR compliance
  16. Data protection compliance in line with regulations of the countries in/out of Euro-zone

Information and Data Security Policies

Scroll to Top