SECURITY
INFORMATION

Sense Street Security and Privacy teams, establish policies and controls, monitor compliance with those controls, and prove our security and compliance to third-party auditors. Our Policies are based on the following foundational Principles:

1. Least Privilege rule – Access granted only to personnel with legitimate business need.
2. Defence-in-depth rule – Security Controls implemented across all business areas.
3. Continuous Improvement & Monitoring of already implemented controls.

Sense Street maintains a SOC2 Type II attestation, ISO 27001 certification, as well as Data Protection Registration Certificate.

We employ strict data protection measures to ensure the safety of your personal information. Our systems are designed with multiple layers of security controls to prevent unauthorized access, disclosure, or alteration of your data. We regularly review and update our security protocols to stay ahead of evolving threats and vulnerabilities. More information available at: https://sensestreet.com/privacy-policy.

To ensure that only authorized individuals have access to client environment, we employ robust user authentication mechanisms. This includes strong password requirements, multi-factor authentication and session management controls.

Our infrastructure is hosted on secure servers that are monitored 24/7. We work with trusted third-party providers that maintain highest standards of physical and network security. Our infrastructure is regularly audited and tested to identify and address any potential vulnerabilities or weaknesses.

Sense Street Limited engages with one of the best penetration testing consulting firms in the industry at least annually with the aim of identifying the potential vulnerabilities or systems exposed to attacks, test targets are assessed with a combination of automated tools and manual exercises.

Sense Street Limited conducts vulnerability scanning at key stages of our Secure Development Lifecycle, using specialized software tools designed to automatically scan networks, systems, or applications for known vulnerabilities.

It’s important to note that vulnerability scanning, and penetration testing are just a part of a comprehensive security program. Once vulnerabilities are identified, Sense Street Limited ensures to address them through appropriate remediation efforts, such as applying patches, updating software versions, implementing configuration changes, or deploying additional security controls.

Access to user data is strictly limited to authorized personnel who require it for legitimate purposes. All employees undergo thorough background checks and receive comprehensive security training. We enforce strict internal policies and guidelines to ensure the protection of user data and maintain the highest level of confidentiality.

Sense Street Limited collects application logs from all systems. These logs are stored encrypted in a centralized logging facility, separate from the system generating the logs, which is in line with industry standards for audit trails. Logs are maintained for the business purpose of investigating past system activity.

We have established incident response procedures to handle any security incidents or breaches effectively. Our security team continuously monitors our systems for any suspicious activities or unauthorized access attempts. In the event of a security incident, we will promptly take actions to mitigate the impact.

If you have any questions, concerns, or would like to receive more information about our security practices, please do not hesitate to contact our support team at support@sensestreet.com. We are committed to providing a safe and secure environment for our users and will be happy to assist you.