Your Trust, Our PriorityUncompromised Security
At LotseAI, the safety of your data is our primary concern. We respect the faith you've entrusted in us with access to your data, and we uphold this by utilizing advanced security measures throughout our technology stack. Designed with security and privacy at its core, our platform ensures a reliable and seamless experience backed by a multilayered security framework.Transparency is key to building trust, so we welcome any inquiries about our security, privacy, and data integrity practices. Reach out anytime, and we'll be more than happy to assist.
Controlled Access, Uncompromised PrivacyYour Data, Handled with Care
We at Lotse understand the value of your data and the trust you place in us. Your data never leaves our system, remaining private from third-party vendors. Our process involves pre-processing your queries within our systems, utilizing only a small fraction of information for generating user-friendly responses.During syncing and indexing, we convert your data into numerical representations, or 'embeddings'. These aid us in pinpointing relevant content later. However, these embeddings can only be reverted to readable content by knowing the source, a privilege reserved for you and us.
Storing your data safelyOur Secure Infrastructure
LotseAI entrusts your data to Amazon Web Services (AWS), an industry leader in secure infrastructure services. With physical security, environmental safeguards, and regular updates to their compliance and security protocols, AWS ensures the highest level of data protection. Our infrastructure spans multiple zones and subnets, promoting service availability and additional misuse protection.AWS operates in compliance with ISO 27001, SOC 1/SSAE 16, SOC 2, SOC 3, PCI DSS Level 1, HIPAA, FedRAMP, and more. For further information, visit their website.
Proactive protection for your dataAdvanced Security Architecture
Lotse employs a multi-layered architecture to maximize reliability and data privacy. Each organization receives dedicated infrastructure, preventing any inadvertent data mix-ups. Our enterprise plans provide further options for on-premises or cloud-based data storage. Data at rest is encrypted using AES-256, while all web traffic is encrypted in transit. Our API servers are multi-tenant and don't persist data.Lotse undergoes annual penetration testing with prompt risk mitigation. Limited access is granted to essential employees only, ensuring your data remains private.We also employ a leading Web Application Firewall (WAF) to guard against intrusions and exploits, including SQL injections, CSRF attacks, DoS and DDoS attacks, and zero-day exploits.
Securing data through people and protocolsPersonnel & Process Security
At Lotse, infrastructure access is strictly reserved for key personnel and fortified with two-factor authentication. We encrypt all data transfers via SSL/SSH and never store any data unencrypted. Crucial configuration values are securely stored in the environment, not in code, ensuring no vulnerability. While no sensitive configuration values are exposed in our audit logs, all changes and accesses to these values are meticulously tracked. Security credentials undergo routine rotations, while our hosting partners deploy security patches regularly.To bolster human security, our operations staff receives ongoing security awareness training and stay abreast of industry developments.