SentiSum Update

SentiSum Security: Let's talk about your FAQs

SentiSum Security: Let's talk about your FAQs
SentiSum CEO & Customer Service Expert
LinkedIn icon
SentiSum Security: Let's talk about your FAQs

What data are we keeping secure?

Assuming we integrate with your Zendesk platform, we'll have access to all customer data points in the CRM.

While we have access, we will never use or process your customers' data for anything other than intended and agreed upon. We take free text from conversations, reviews and surveys to output insights to your view on the platform.

Under GDPR, we are legally a data processor and you are the data controller. We are completely GDPR compliant.

See our:
1. Data Protection Policy
2. Data Privacy and GDPR Agreement

How do users authenticate to the SentiSum dashboard?

The SentiSum dashboard users authenticate using their secure username and password along with 2FA.

The authentication mechanism leverages AWS Cognito over SSL. For our enterprise customers, users authenticate using SSO

Where are your data centers?

UK and Ireland

Who are your current subprocessors?

AWS Ireland and Google Ireland

What’s your data retention policy?

At the end of the commercial contract, all the data is permanently deleted within 30 days of contract termination.

What certification and penetration testing have you done?

We're very cautious with our customer's data. We've undertaken excessive security testing to ensure protection.

We've completed:
• Penetration testing:

• Cyber Essentials Plus (Read about the certification here)

In Progress: SOC 2 (expected Dec 2022)

What about your internal information governance security?

Please read the below documents to understand our ISG.

• Here's our incident response policy

• Data classification policy

What additional security do you have in regards to employees?

Here's our process to manage data access for new joiners and leavers.

We make sure our team is aware of the company-wide Information Security Policy. Our contracts of employment contain clear Information Security Responsibilities that must be followed by all employees.

How do you encrypt your data?

When data is at rest on our AWS servers we have full-disk encryption.

We use 256-bit Advanced Encryption Standard (AES-256) which is compliant with standards outlined in FIPS 140.When data is in transit, we apply encryption using TLS v1.2+.

We tightly control our encryption keys using AWS Key Management Service (AWS KMS). AWS KMS keys are protected by hardware security modules that are validated by the FIPS 140-2 Cryptographic Module Validation Program

Who has access to our data?

We control access to all data with a clear authentication and authorisation policy. Not every employee has equal access and customers are only able to see their own data.

Access to our servers must go through our VPN which only a restricted number of people have admin access to.

When our dashboard interacts with the APIs we use, we ensure secure access under the OAuth standard.

What's your Business Continuity & Disaster Recovery plan?

We regularly backup all data and have diversified our data centres.

Do you have an IT equipment usage policy in place?

Yes, we do. You can find it here.

How do you make sure your software development is safe and secure?

We have separate environments to build and produce our software. Our customer data is not used during development and testing and is separated from risk.

Please find our system development policy documentation here.

If you have any further questions, we're always available to help out.

Please reach out on contact@sentisum.com

Join a community of 2139+ customer-focused professionals and receive bi-weekly articles, podcasts, webinars, and more!

Trending articles

SentiSum Update

SentiSum Security: Let's talk about your FAQs

October 27, 2020
Sharad Khandelwal
SentiSum CEO & Customer Service Expert
TABLE OF CONTENT
Understand your customer’s problems and get actionable insights
See pricing

What data are we keeping secure?

Assuming we integrate with your Zendesk platform, we'll have access to all customer data points in the CRM.

While we have access, we will never use or process your customers' data for anything other than intended and agreed upon. We take free text from conversations, reviews and surveys to output insights to your view on the platform.

Under GDPR, we are legally a data processor and you are the data controller. We are completely GDPR compliant.

See our:
1. Data Protection Policy
2. Data Privacy and GDPR Agreement

How do users authenticate to the SentiSum dashboard?

The SentiSum dashboard users authenticate using their secure username and password along with 2FA.

The authentication mechanism leverages AWS Cognito over SSL. For our enterprise customers, users authenticate using SSO

Where are your data centers?

UK and Ireland

Who are your current subprocessors?

AWS Ireland and Google Ireland

What’s your data retention policy?

At the end of the commercial contract, all the data is permanently deleted within 30 days of contract termination.

What certification and penetration testing have you done?

We're very cautious with our customer's data. We've undertaken excessive security testing to ensure protection.

We've completed:
• Penetration testing:

• Cyber Essentials Plus (Read about the certification here)

In Progress: SOC 2 (expected Dec 2022)

What about your internal information governance security?

Please read the below documents to understand our ISG.

• Here's our incident response policy

• Data classification policy

What additional security do you have in regards to employees?

Here's our process to manage data access for new joiners and leavers.

We make sure our team is aware of the company-wide Information Security Policy. Our contracts of employment contain clear Information Security Responsibilities that must be followed by all employees.

How do you encrypt your data?

When data is at rest on our AWS servers we have full-disk encryption.

We use 256-bit Advanced Encryption Standard (AES-256) which is compliant with standards outlined in FIPS 140.When data is in transit, we apply encryption using TLS v1.2+.

We tightly control our encryption keys using AWS Key Management Service (AWS KMS). AWS KMS keys are protected by hardware security modules that are validated by the FIPS 140-2 Cryptographic Module Validation Program

Who has access to our data?

We control access to all data with a clear authentication and authorisation policy. Not every employee has equal access and customers are only able to see their own data.

Access to our servers must go through our VPN which only a restricted number of people have admin access to.

When our dashboard interacts with the APIs we use, we ensure secure access under the OAuth standard.

What's your Business Continuity & Disaster Recovery plan?

We regularly backup all data and have diversified our data centres.

Do you have an IT equipment usage policy in place?

Yes, we do. You can find it here.

How do you make sure your software development is safe and secure?

We have separate environments to build and produce our software. Our customer data is not used during development and testing and is separated from risk.

Please find our system development policy documentation here.

If you have any further questions, we're always available to help out.

Please reach out on contact@sentisum.com

Frequently asked questions

Is your AI accurate, or am I getting sold snake oil?

The accuracy of every NLP software depends on the context. Some industries and organisations have very complex issues, some are easier to understand.

Our technology surfaces more granular insights and is very accurate compared to (1) customer service agents, (2) built-in keyword tagging tools, (3) other providers who use more generic AI models or ask you to build a taxonomy yourself.

We build you a customised taxonomy and maintain it continuously with the help of our dedicated data scientists. That means the accuracy of your tags are not dependent on the work you put in.

Either way, we recommend you start a free trial. Included in the trial is historical analysis of your data—more than enough for you to prove it works.

Do you integrate with my systems? How long is that going to take?

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam libero vitae erat. Aenean faucibus nibh et justo cursus id rutrum lorem imperdiet. Nunc ut sem vitae risus tristique posuere.

What size company do you usually work with? Is this valuable for me?

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam libero vitae erat. Aenean faucibus nibh et justo cursus id rutrum lorem imperdiet. Nunc ut sem vitae risus tristique posuere.

What is your term of the contract?

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam libero vitae erat. Aenean faucibus nibh et justo cursus id rutrum lorem imperdiet. Nunc ut sem vitae risus tristique posuere.

How do you keep my data private?

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam libero vitae erat. Aenean faucibus nibh et justo cursus id rutrum lorem imperdiet. Nunc ut sem vitae risus tristique posuere.

Support Insights Community
Join a community of 2200+ customer-focused professionals and receive bi-weekly articles, podcasts, webinars, and more!

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam libero vitae erat. Aenean faucibus nibh et justo cursus id rutrum lorem imperdiet. Nunc ut sem vitae risus tristique posuere.

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam libero vitae erat. Aenean faucibus nibh et justo cursus id rutrum lorem imperdiet. Nunc ut sem vitae risus tristique posuere.

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam libero vitae erat. Aenean faucibus nibh et justo cursus id rutrum lorem imperdiet. Nunc ut sem vitae risus tristique posuere.

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.