GDPR & privacy compliance is critical for businesses to be able to function today. TimelinesAI is GDPR, UK GDPR, and CCPA compliant.
TimelinesAI’s servers are located within our own virtual private cloud (VPC) in Frankfurt, Germany. This way data never leaves EU. Servers are protected by restricted security groups. We ensure that only the minimal required communication occurs between servers.
All connections to TimelinesAI are encrypted using SSL. Attempts to connect over HTTP is redirected to HTTPS. We maintain A+ grade for Qualys/SSL Labs.
TimelinesAI conducts mandatory code reviews for code changes and periodic and in-depth security reviews. TimelinesAI testing and development environments are separated from its production environment.
TimelinesAI supports SSO using G-Suite and Slack. Access to TimelinesAI applications are logged and audited.
User passwords are salted, irreversibly hashed, and stored in our database.
The web application architecture and implementation follow OWASP guidelines. They are built in Python using the Django framework.
Trust is not gained, it’s earned. We put our best effort to protect your data and comply with all regulations. You can find more details about our commitment on TimelinesAI’s Privacy Policy page, or download TimelinesAI Data Processor Agreement.
TimelinesAI LLC provides a standard Data Processing Agreement in compliance with Article 28 of the GDPR. This DPA forms part of our Terms of Service and applies automatically to all customers who use TimelinesAI services. By subscribing to or using our services, you agree to the terms of the DPA.
You can review and download the current version of the DPA here: Download TimelinesAI DPA
TimelinesAI complies with the Protection of Personal Information Act (POPIA) through the same security and privacy principles used for GDPR, ensuring lawful, secure, and transparent data processing for South African customers.
Full Documentation: TimelinesAI POPIA Compliance
