Recollective Security & Privacy Overview

Learn about Recollective's infrastructure security, application security, data privacy controls and business process.


At Recollective, the security and privacy of your research data are our top priorities. Our comprehensive Security & Privacy Overview details the rigorous measures we take to ensure the integrity, confidentiality, and availability of your information.

Download our comprehensive Security & Privacy Overview at the bottom of this page to learn more about how we protect your valuable research data.

Here’s a high-level summary of what you can expect:

Unwavering Commitment to Security

SOC 2 Compliance: We are proud to be SOC 2 Type I compliant and are actively working towards SOC 2 Type II compliance. This means our controls and processes meet stringent standards for security, availability, processing integrity, confidentiality, and privacy.

Cyber Security Program: Our cybersecurity framework includes robust risk assessments, proactive incident detection and response, secure data retention and destruction policies, and comprehensive disaster recovery and business continuity plans.

Continuous Improvement: We conduct regular internal audits and external assessments to ensure ongoing compliance and enhance our security posture.

Advanced Data Protection

Encryption: All data in transit and at rest is protected using advanced encryption protocols (TLS 1.2 or later for data in transit and AES-256 for data at rest).

Access Controls: User authentication, two-factor authentication (2FA), and strict access controls ensure only authorized users can access sensitive data.

Monitoring and Auditing: Our systems are monitored 24/7/365 for potential threats, and we perform regular security audits to identify and mitigate vulnerabilities.

Secure Cloud Hosting on AWS

Regional Deployment: We offer flexible deployment options across multiple geographic regions (Asia Pacific, Canada, European Union, USA) to meet your data residency requirements.

AWS Partnership: By leveraging Amazon Web Services (AWS), we ensure world-class physical and digital security measures, including SOC 1/SSAE 16/ISAE 3402, SOC 2, SOC 3, FISMA, FedRAMP, PCI DSS Level 1, ISO 9001, ISO 27001, and more.

Proactive Security Measures

Penetration Testing: Regular penetration tests by an independent security firm help us identify and address potential vulnerabilities.

Real-Time Monitoring: Advanced tools and services detect and respond to malicious activities in real-time, ensuring the security of our infrastructure.

Privacy by Design

GDPR Compliance: We support our customers’ compliance with the General Data Protection Regulation (GDPR) and other global privacy laws, ensuring that personal data is handled with the utmost care.

Data Processing Agreements (DPA): Our DPAs guarantee that customers can respond to data subject requests and report personal data breaches in accordance with GDPR timelines.

Privacy-First AI Solutions

Privacy-Centric AI Features: Recollective employs pre-trained AI models that exclude Personally Identifiable Information (PII) and process data using advanced encryption protocols, ensuring robust data security.

Transparency and Customer Control: Our Privacy Impact Assessment (PIA) provides full transparency about our data processing and safeguards. Customers can opt out of AI features.

Responsible AI Practices: Recollective enforces strict agreements with AI sub-processors, prohibiting data retention for model training and ensuring compliance with global privacy regulations like GDPR.

Third-Party Risk Management

Vendor Selection and Monitoring: We carefully select and continuously monitor our third-party service providers to ensure they adhere to our high standards for security and privacy.

Sub-Processor List: We transparently list all sub-processors involved in hosting or processing customer data, ensuring compliance with GDPR and other regulations.

User Authentication and Access Management

Defined User Roles: Clearly delineated user roles and permissions ensure secure and efficient access management.

Password Security: Robust password policies, including complexity requirements, expiration rules, and automatic account lockouts, safeguard against unauthorized access.

Why Choose Recollective?

Recollective is more than just a platform for your research needs; it is a fortress for your data. We go beyond compliance to provide a secure, reliable, and transparent environment where your research can thrive without concerns about data breaches or unauthorized access.

Recollective Security and Privacy Overview

Download PDF
