Service security and data protection
AWS provides the security of the hosting environment, which includes physical security, fault-tolerance, redundancy, and operations and personnel security. ABBYY has implemented all the required controls and Security procedures, including encrypted communications and operational procedures, identity and access management, intrusion detection, DDoS attack prevention, and penetration testing. Data protection in AWS is described here.
ABBYY provides Vantage Cloud service application security and continuous operations, including a variety of security technologies and procedures to save uploaded data from unauthorized access, use, or disclosure. Regular penetration testing conducted by ScienceSoft.
SOC 2 Type 2 certification
ABBYY Timeline is SOC2 Type 2 certified. The full audit report is available to customers under an NDA. Please contact your account manager to request a copy.
At ABBYY, we take data privacy issues very seriously and make sure that our solutions are compliant with the latest data protection laws.
Data processing locations
All customer data is processed and stored within the Amazon’s data centers. Data centers are in N.Virgina(United States), Frankfurt(Europe), Tokyo(Japan) and Sydney(Australia). Each customer can select a region where data will be stored and processed.
You control access to your data
When ABBYY delivers a complete tenant to the customer, the administrator on the customer side receives complete visibility and control to its tenant, users of the tenant will have the complete visibility of their data. Administrators can invite other users to the tenant and assign user access roles.
Access to the service for ABBYY employees is strictly restricted and seamlessly logged.
Storage and automatic data removal
ABBYY Timeline is an AI-driven process mining platform, not a data storage service. Data submitted for processing persists if customer has the active subscription. Data will be deleted 30 days after the expiration of the subscription.
While ABBYY Timeline employs rigorous security protections and all data is always encrypted in motion and at rest we strongly recommend that our customers do not load any PII, PHI or other highly sensitive data to the cloud as it is not necessary for process intelligence analysis.