What security and compliance certifications has Sensors Data obtained, and how can customers access related information?

What security and compliance certifications has Sensors Data obtained, and how can customers access related information?

• Sensors Data has obtained certifications for Information Security Management System (ISO 27001), Privacy Information Management System (ISO 27701), Quality Management System (ISO 9001), CMMI Level 3 Software Capability Maturity, and SDK Special Security Evaluation. For detailed information, customers can contact Sensors Data's Customer Success or Project Managers.

How does Sensors Data's software protect customer data security?

How does Sensors Data's software protect customer data security?

• Based on the data security lifecycle, Sensors Data's security measures include but are not limited to:
• Collection: Encrypted event cache and strong data import validation.
• Transmission: HTTPS for transmission links, encryption support for tracking events and attributes.
• Storage: Encrypted storage of login usernames and passwords.
• Usage: Follows the principle of data minimization, supports data obfuscation, and includes data watermarking.
• Deletion: Supports bulk data deletion and data deletion based on user IDs.

How does Sensors Data's SDK ensure the compliance of data collection?

How does Sensors Data's SDK ensure the compliance of data collection?

• At Sensors Data, we strictly adhere to the principles of "legality, legitimacy, and necessity" when collecting data. We inform users about permissions, purposes, methods, and the scope of personal information processing through privacy policies and other means. Data collection commences only after obtaining user authorization and consent.
• Customized Data Collection: Our SDK supports tailored data collection for events and attributes, enabling users to enable or disable event collection based on specific business needs.
• Delayed Initialization for Compliance: We offer delayed initialization to meet compliance requirements. Data collection starts after users explicitly agree to the "Privacy Policy" during SDK initialization. For controls containing sensitive personal information, our products provide APIs to exclude related data collection.
• Ecure Collection with Encryption: When gathering information through the SDK, we ensure the protection of sensitive data by locally encrypting it before transmission to our servers.

Is it compliant to upload phone numbers and ID card numbers as attributes based on business needs?

Is it compliant to upload phone numbers and ID card numbers as attributes based on business needs?

• Phone numbers and ID card numbers are not part of the predefined attribute collection information in Sensors Data's products. Whether you can collect this information depends on your specific scenarios and must be determined by customers themselves through their own custom data collection. Sensors Data's products provide means for displaying obfuscated information and encrypted storage for sensitive data to ensure data security.

Does Sensors Data conduct regular security testing on its products?

Does Sensors Data conduct regular security testing on its products?

• Sensors Data's security team conducts regular security testing on products both in the pre-release SDL stage and after product releases. Vulnerabilities identified during testing are promptly addressed in accordance with internal vulnerability management requirements.