What's your name?

1/6

Security & Data Protection

Our Approach

At Aletheic, we take the security and privacy of our clients' data seriously. Our security practices are built on four core principles: confidentiality, integrity, availability, and compliance.

We implement industry-standard security measures across all our systems and processes to protect client data throughout the project lifecycle.

Access Control

We follow the principle of least privilege — team members only have access to the systems and data they need for their specific role.

All access to client systems is managed through individual accounts with strong authentication. Shared credentials are never used.

Access is reviewed regularly and revoked immediately when team members leave or change roles.

Two-factor authentication is required for all internal systems and client-facing tools.

Infrastructure & Hosting

We recommend and use established, enterprise-grade hosting providers with SOC 2 compliance.

All data in transit is encrypted using TLS 1.2 or higher.

Regular security updates and patches are applied to all systems.

Backups are performed regularly and stored securely with encryption at rest.

Data Processing & Privacy Law

We process personal data in accordance with applicable privacy and data protection laws, including GDPR where applicable.

Data Processing Agreements (DPAs) are available and signed for all projects involving personal data.

We only process data as instructed by our clients and for the specific purposes agreed upon.

In the event of a data breach, we follow a strict incident response procedure and notify affected parties within the legally required timeframe.

Subprocessors

We maintain a list of subprocessors (third-party services) that may process client data. This list is available upon request.

Incident Response

Our incident response process follows four steps: identification, containment, eradication, and recovery.

All security incidents are documented and reviewed to prevent recurrence.

Responsible Disclosure

If you discover a security vulnerability in any of our systems, please report it to security@aletheic.tech. We appreciate responsible disclosure and will work with you to address any issues promptly.

Contact

For security-related inquiries, please contact us at security@aletheic.tech.