Privacy policy

This document outlines the privacy and security certifications and measures implemented by Evercopy. Our commitment to maintaining high standards ensures the protection of customer data and compliance with global security regulations.

Certifications and Compliance

• SOC 2 Type II Compliance: Demonstrates our ongoing commitment to the highest standards of security, availability, processing integrity, confidentiality, and privacy of client data.
• ISO 27001 Certification: This international standard affirms our robust management of information security, focusing on continuous improvement and risk management.
• PCI DSS Compliance: Ensures the protection of sensitive payment card information, preventing data breaches and fraud.

Data Security Measures

• Enhanced Large Language Model (LLM) Protocols: We deploy private LLMs that operate within our secure environments, ensuring no external server interactions and maintaining strict data privacy.
• End-to-End Encryption: All data, both at rest and in transit, is encrypted using advanced cryptographic methods to prevent unauthorized access and ensure data integrity.
• Two-Factor Authentication (2FA): Enforced for all data access points to provide an additional layer of security that protects against unauthorized access attempts.

GDPR Compliance and Data Management

• Right to Access and Data Portability: Clients have the right to access their data and receive it in a structured, commonly used, and machine-readable format.
• Right to Erasure (“Right to be Forgotten”): We provide mechanisms for clients to request the deletion of their personal data in accordance with GDPR requirements.
• Data Minimization and Purpose Limitation: We collect only the data necessary for specified, explicit, and legitimate purposes, and ensure it is kept no longer than necessary.

Continuous Improvement and Transparency

• Regular Compliance Audits and Updates: Our policies and procedures are reviewed regularly to ensure they align with current laws and regulations.
• Security Awareness and Training Programs: Ongoing education initiatives keep our staff informed about the latest security practices and compliance requirements.
• Transparent Data Practices: We commit to transparency about our data use practices, providing clear and accessible privacy notices.

Future Projections and Strategic Goals

• Innovative Data Protection Technologies: We continually explore advanced technologies like AI-driven security to enhance data protection capabilities.
• Expansion of Compliance Certifications: Plans to acquire additional certifications such as HIPAA or FEDRAMP to cater to a broader client base and meet sector-specific compliance needs.