The security of your customer data is of paramount concern to us.

Data is an essential part of our business. Even more essential, though, is trust. When it comes to information security, we must continually earn that trust–in the security of our systems and applications, and our ability to protect your data. So we dedicate significant time and resources to security, both during development to ensure we deploy inherently secure solutions, and in our ongoing operations to safeguard against vulnerabilities.

humans at the center
GDPRCCPASoc2 ReadyFedramp Ready

Key Security Features

World-Class Data Centers

Harmonize.Ai's server infrastructure is hosted on Google Cloud. GCP's compliance program is designed to follow international security standards and regulations, while protecting confidentiality and data privacy. Data centers provide the necessary means to operate 24 x 7 and protect data from physical damage and network issues.

Data encryption

When you access Harmonize.Ai, SSL technology protects your information using both server authentication and data encryption in transit. We use TLS with up to 256 AES encryption if supported by the client. Data at rest is protected by FIPS140-2 standards compliant encryption. Backups are encrypted with AES-256. Passwords are never stored as clear text; they are always hashed and salted securely.

Additional Security

Systems Security

This covers the physical and environmental security of servers and data centers, as well as technical security of the network, resources and systems. We work with trusted service partners to provide enterprise-level security to host and maintain our servers, data storage and related technology services.

Our partners’ hosting environment and data centers include the following accreditations:

  • ISO 27001
  • SOC 1 & SOC 2 / SSAE 16
  • PCI Level 1
  • FISMA Moderate

Application security

Securing the application layer is a serious commitment, involving for example:

  • evaluation and selection of technology frameworks for inherent security;
  • following a rigorous software development lifecycle;
  • using specialized tools for health monitoring and tracking;
  • adopting a security mindset in architecture and system design;
  • conducting regular vulnerability assessments.

Data security

In addition to utilizing a secure hosting environment, data while processed and stored on our platform is encrypted with TLS/SSL protocols when in transit, and block-level storage encryption when at rest.

Compliance

We fully believe personal data should be kept private and used only for the specific purposes for which it was collected. We've embraced the‘Privacy by Design’ principles advocated by the European Union's General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). We also engage with and stay up to date on new policies and general best practices for Qualitative Research data and ethical social science.

Data privacy compliance

In addition to fully adhering to international regulations like the GDPR standard, we've also adopted the same approaches within our platform, where clients benefit from several tools and features to help with GDPR compliance, including:

  • Built-in data classification models
  • Your own data retention policy mechanism
  • Tools for data access and rectification
  • User authentication & permission controls
  • Plain language privacy statement
  • Security audit logs

If you have any concerns, wish to report an incident, or for general security questions, please contact us here.

Request a demo

The website uses cookies and other tracking tools to provide you with the best experience.

By using our site, you acknowledge that you understand this and are willing to comply with the terms in our privacy Policy.