Data Protection

Authentication and Access Management

End users may log in to Deepomatic using an Identity Provider, leveraging Deepomatic’s support for the Security Assertion Markup Language (SAML). The Identity Provider authenticates the individual’s identity and may provide the option to share certain personally identifying information with Deepomatic, such as your name and email address. Deepomatic’s SAML support allows organizations to control authentication to Deepomatic and enforce specific password policies, account recovery strategies, and multi-factor authentication technologies.

All requests to the Deepomatic API must be authenticated, either via user/password authentication or via an API key tied to a user. The various dashboards of the platform and the underlying API sections are tied to specific roles. A user can access a specific dashboard only if they have been assigned the corresponding role.

Protection of Customer Data

Data submitted to the Deepomatic service by authorized users is considered confidential. This data is protected in transit across public networks and encrypted at rest. Customer Data is not authorized to exit the Deepomatic production service environment, except in limited circumstances such as in support of a customer request.

All data transmitted between Deepomatic and Deepomatic users is protected using Transport Layer Security (TLS). If encrypted communication is interrupted, the Deepomatic application is inaccessible.

Deepomatic maintains a single data center in the EU. Deepomatic utilizes encryption at various points to protect Customer Data and Deepomatic secrets, including encryption at rest (e.g. AES-256).

Access to Customer Data is limited to functions with a business requirement to do so. Deepomatic has implemented multiple layers of access controls for administrative roles and privileges. Access to environments that contain Customer Data requires a series of authentication and authorization controls, including Multi-Factor Authentication (MFA). Deepomatic enforces the principles of least privilege and need-to-know for access to Customer Data, and access to those environments is monitored and logged for security purposes.