
Privacy Policy

Privacy Policy and Security Information

At Tagit, the security and privacy of our clients' data are our highest priorities. Below is an outline of the measures and practices we have implemented to ensure robust security and responsible data management.

Data Sensitivity and Security Classification

  • Data Sensitivity: Tagit processes annotated data that may include proprietary client information, sensitive commercial data, and occasionally, personal data (if applicable). We do not handle classified information.

  • Security Classification: Although the data is non-classified, we apply stringent protection measures suitable for sensitive but unclassified information.

Data Protection and Privacy Measures 

  • Encryption: All data, whether in transit or at rest, is encrypted using AES-256 standards to safeguard against unauthorized access.

  • Anonymization: Personally identifiable information (PII) is anonymized wherever possible to enhance privacy protection.

  • Access Control: Data access is role-based and limited to authorized personnel, ensuring restricted access to sensitive information.

Cybersecurity and Threat Mitigation

  • Network Security: Firewalls, Intrusion Detection Systems (IDS), and Intrusion Prevention Systems (IPS) are deployed to block unauthorized access and monitor potential threats.

  • Regular Assessments: Monthly vulnerability scans and annual penetration testing are conducted to identify and address security gaps.

  • Incident Response Plan: A formal incident response framework ensures quick and effective management of data breaches or other security incidents, with regular team training to maintain readiness.

User Authentication and Access Management

  • Multi-Factor Authentication (MFA): MFA is mandatory for all platform users, adding an extra layer of protection during login.

  • Role-Based Access Control (RBAC): Access rights are granted based on user roles, following the principle of least privilege.

  • Audit Logs: Detailed logs of all user activity are maintained and regularly reviewed to identify unusual patterns and ensure accountability.

Regulatory Compliance

  • GDPR Compliance: For EU data, Tagit adheres to GDPR standards, ensuring secure handling of personal information, data subject rights, and data portability.

  • ISO/IEC 27001 Alignment: Our systems, processes, and policies aim to align with ISO/IEC 27001 standards for information security management.

Risk Management and Contingency Planning

  • Risk Assessments: Regular assessments are conducted to identify potential vulnerabilities and mitigate risks.

  • Backup and Recovery: Daily data backups are performed, and recovery protocols are in place to ensure quick restoration in case of a system failure.

  • Security Training: Team members and freelancers participate in ongoing training on best practices, phishing prevention, and secure data handling.

Ethics and Responsible Data Use

  • Ethical Data Handling: All team members adhere to strict guidelines for responsible and ethical data use, respecting client privacy.

  • Transparency: Clients are kept informed about data handling policies and security measures and may inquire about procedures at any time.
