Security Policy

Effective Date: January 1, 2025

Analytical Insider, LLC ("we", "us", or "our") is committed to protecting your data and ensuring the security of AnalyticalInsider.ai, Analyticalinsider.com, analyticalinsider.io, and analyticalfire.com (the "Services"). This Security Policy describes our security practices, compliance standards, and your responsibilities as a user. We adhere to industry-leading standards, including SOC 2, HIPAA, and GDPR.

1. Compliance Standards

  • SOC 2: We maintain controls and undergo regular audits to ensure the security, availability, and confidentiality of your data.
  • HIPAA: For health-related data, we implement safeguards required by HIPAA and train our staff on HIPAA compliance.
  • GDPR: We follow GDPR security requirements for personal data of EU/UK users.

2. Data Encryption & Storage

  • All data in transit is encrypted using TLS (HTTPS).
  • All sensitive data at rest is encrypted using industry-standard algorithms (e.g., AES-256).
  • Encryption keys are managed securely and access is restricted.

3. Access Controls & Monitoring

  • Access to user data is restricted to authorized personnel only, based on role and business need.
  • Multi-factor authentication (MFA) is required for administrative access.
  • Comprehensive audit logs are maintained and regularly reviewed.
  • Access reviews are conducted periodically.

4. Infrastructure & Application Security

  • Our infrastructure is hosted on secure, industry-leading cloud providers with robust physical and network security.
  • Regular security updates, vulnerability scans, and penetration testing are performed.
  • We follow secure software development practices, including code reviews and automated security testing.
  • Data backups are encrypted and tested regularly for integrity and availability.

5. Incident Response & Data Breach Notification

  • We maintain an incident response plan for security events and data breaches.
  • All incidents are logged, investigated, and remediated promptly.
  • In the event of a data breach, affected users and regulators will be notified as required by law (GDPR, HIPAA, etc.).
  • Post-incident reviews are conducted to improve our security posture.

6. User Responsibilities

  • Keep your account credentials secure and do not share them with others.
  • Use strong, unique passwords and enable MFA where available.
  • Report any suspicious activity or security concerns to support@analyticalinsider.ai.
  • Comply with all applicable laws and our Terms & Conditions when using the Services.

7. Third-Party Services & Vendor Management

  • We carefully vet third-party service providers and require them to adhere to strict security standards.
  • Data processing agreements are in place with all vendors who process personal or sensitive data.
  • Third-party security practices are reviewed regularly.

8. Changes to This Policy

We may update this Security Policy from time to time. We will notify you of significant changes by posting the new policy on this page and updating the effective date.

9. Contact Us

If you have questions or concerns about this Security Policy or our security practices, contact us at support@analyticalinsider.ai.

Analytical Insider, LLC — AnalyticalInsider.ai, Analyticalinsider.com, analyticalinsider.io, analyticalfire.com