Versions Compared

Old Version 24

changes.mady.by.user Su-Lyn Rosenberry

Saved on

compared with

New Version Current

changes.mady.by.user Su-Lyn Rosenberry

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Expand
titleCompliance and Certification

  1. Does your app’s AI/ML collect or process any personally identifiable information (PII)?
    No, our app does not process personally identifying fields, such as name, email, address, profile picture, etc.

  2. Are you compliant with data protection regulations such as GDPR or CCPA? How do you ensure compliance with industry standards for data protection?
    Our ML model generates insights without targeting any PII. It uses anonymous IDs and excludes PII-related fields from the signal data received through various enabled integrations. This approach ensures compliance with data protection regulations such as GDPR and CCPA.

  3. Do you have any certifications or attestations in place for your AI/ML infrastructure (e.g., ISO 27001, GDPR)?
    While Capacity Insights was not included in our audits last year (2023) due to its release after the audit cycle had concluded, we have already included it in our current SOC 2 Type 2 audit cycle and other annual audits scheduled for this year (2024). This demonstrates our commitment to ensuring that all our products and services, including newly released offerings, adhere to the highest standards of security and privacy.

Panel
bgColor#DEEBFF

Key Certifications and Attestations:

  • ISO 27001:2022: This internationally recognized standard certifies our commitment to information security management across all our processes and systems.

  • ISO 27701:2019: This certification builds upon ISO 27001, specifically addressing privacy information management and ensuring compliant handling of personal data.

  • SOC 2 Type II: This independent audit report verifies the security controls of our cloud-based services.

  • CCPA and GDPR Compliance: We adhere to these regulations to protect the personal data of California and EU residents, respectively.

Panel
bgColor#FFFFFF

As of September 2024, we have successfully completed surveillance audits against the industry-leading ISO 27001:2022 and ISO 27701:2019 standards, which included Capacity Insights within their scope. These achievements highlight our continuous efforts to ensure the confidentiality, integrity, and availability of our customers' data while continuously improving our security and privacy controls to meet the evolving needs of our clients and the regulatory landscape.
Image Removed bkg.pngImage Added
To explore the full details of Tempo's security and privacy measures, including certifications, attestations, and audit reports, please visit our Trust Center at https://trust.tempo.io/

  1. How do you ensure that your AI/ML system complies with industry-specific regulations (e.g., HIPAA for healthcare, FERPA for education)?
    We have a dedicated compliance team, led by a Data Protection Officer (DPO), which regularly monitors our services’ compliance with any applicable industry-specific regulations. Currently, such regulations as HIPAA, PCI DSS, or FERPA do not apply to Tempo services.

  2. How do you handle data residency concerns? Can customers choose to have their data processed by AI/ML algorithms in specific geographic regions?
    Currently, we provide data residency only in the US. However, we understand the importance of data residency for our customers and are considering support for other regions in the future.

...