At Semji, the security and confidentiality of your data are our top priorities. Discover the measures we have implemented to protect your documents throughout their lifecycle on our platform.
Introduction:
At Semji, we understand the importance of data security. Your documents are hosted on AWS in Ireland, benefiting from advanced security standards and robust encryption. Only authorized personnel can access your information, and we are committed to ensuring data confidentiality and protection through strict compliance standards.
Storage
Document Hosting
-
What hosting provider is used for uploaded documents?
Semji uses Amazon Web Services (AWS) for hosting its platform and uploaded documents. -
Where are these documents geographically stored?
Documents are hosted in the AWS eu-west-1 data center, located in Ireland. -
Are storage environments isolated per client or shared?
Semji applies a logical separation of data for each client on the platform.
Data Retention Policy
-
How long are uploaded documents retained?
Documents are retained for the duration of the contract and up to 180 days after contract termination unless otherwise requested by the client. -
Is there an archiving process before permanent deletion?
Yes. At the end of the contract, a logical deletion is performed prior to permanent deletion, 180 days later. -
Can clients customize these retention settings?
No, retention settings are preset to ensure security and compliance.
Encryption and Security
Encryption Methods
-
What encryption processes are used to protect documents?
Semji applies encryption to data both in transit (during transfer) and at rest (when stored) to ensure enhanced security. -
What encryption algorithms and standards are used?
Semji utilizes AWS Key Management Service (KMS), which employs advanced algorithms compliant with current security standards. More information can be found on the AWS website.
Document Usage
-
Are uploaded documents used to train the AI model?
No, client documents are never used to train our AI. -
Who can access uploaded documents?
Only authorized personnel, including the client's Customer Success Manager (CSM) and select members of the technical team, can access documents if a specific need arises.
Compliance and Other Topics
Regulatory Compliance
- What certifications and security standards are upheld?
Semji is in the process of obtaining SOC2 Type II certification, a recognized standard for data security systems, demonstrating our commitment to rigorous security and privacy practices.
What is SOC 2?
SOC 2 (Service Organization Control 2) is an internationally recognized standard that certifies a service complies with strict requirements for security, availability, data integrity, confidentiality, and privacy. It assures that the processes and systems in place adhere to best practices for safeguarding sensitive data.
Authentication and Access
-
What authentication options are available for users?
The platform supports Single Sign-On (SSO), delegating authentication to the client’s infrastructure. -
What roles and access rights are available?
Semji follows the principle of least privilege: by default, only workspace administrators (OWNER) can grant access rights to users.
Security Audits and Logs
- How are security audits and logs managed?
Semji maintains logs of each access to uploaded documents to ensure thorough tracking.