Data Security & Privacy

We are committed to keeping your data secure

In today's fast-paced digital world, safeguarding confidential data has become an essential consideration for companies. The protection of sensitive data from unauthorized access, theft, or damage is crucial to avoid consequences such as loss of customer trust, brand damage, regulatory non-compliance, and financial repercussions. Ensuring data security and privacy is not only essential but also a critical component of modern business operations, including our own.

How does the AI & Analytics Engine work? 

The AI & Analytics Engine is a self-service and enterprise machine learning platform for both business users and the data-savvy alike.
Everyone, even those without data science or programming expertise, can easily connect the Engine to data sources and quickly start creating predictive models.

Secure Infrastructure Provider

PI.EXCHANGE’s production environment runs on Google Cloud Platform (GCP). GCP upholds the highest security standards. All data is hosted in a secure GCP facility that is SOC 2, ISO 27001, ISO 27017, ISO 27701, CSA compliant.


Data Encryption in Transit and at Rest

Data is encrypted in transit (TLS) and at rest provided by the Google Cloud Storage Server-Side Encryption. To process data it is securely accessed with a secure connection using TLS v3 encryption.


Data and Trained Model Access

In the PI.EXCHANGE hosted AI & Analytics Engine, no data provided by the user is copied or transmitted for any purpose other than preparing data, training models, generating predictions based on a trained model, or as otherwise required to support the user or via an Advanced AI Services engagement.

Trained models, input data, and predictive outputs are only accessible to the customer, with a small amount of metadata used for product enhancements. No data about the model is shared or used outside of this purpose.



All access to the platform is authenticated. To authenticate users use a signed and encrypted access token that is obtained after entering an 8-character (or more) password that consists of at least one: number, lowercase letter, uppercase letter, and special character then verifying their email.


Access Control

The AI & Analytics Engine uses a Role-Based Access Control (RBAC) model for managing data and related assets within the product at 2 levels: organization and project level. A user’s data, projects, and models are segregated from other accounts and users as defined by the RBAC system.


Server Security and Monitoring 

The AI & Analytics Engine is deployed in a secure and access-controlled multi-tenant environment only accessible via secured portals and APIs. This includes the API for the SDK and prediction API of the deployed models. We apply a Zero Trust Security model in our approach to the design and implementation of systems.


Deployment On-premise or Private Cloud for Enterprise

We do not store and transfer data outside of the client's chosen environment. If it is an on-premise deployment data is encrypted in transit and at rest provided by the MinIO Server Side Encryption. If it is a private cloud deployment we utilize the client's S3-compatible services.


Logs and Monitoring 

PI.EXCHANGE understands that data is an organizations most strategic and vital asset. As such, the security and privacy of data are our highest priorities. Changes to PI.EXCHANGE’s infrastructure is tracked and where there is a security impact is reported to clients.

Within the AI & Analytics Engine, all actions performed are accessible via logs. This means there is traceability of any user activity. These logs are only exposed to the user with appropriate permissions so internal audits can be performed.


System Availability and Resilience

The AI & Analytics Engine system is architected and configured to achieve High Available, Fault Tolerance, and for Disaster Recovery requirements. PI.EXCHANGE employs Google Cloud Load Balancing to distribute incoming application traffic across multiple targets, increasing the availability of the application and safeguarding the Engine from various forms of DDoS attacks.


Internal Policies and Best Practices

PI.EXCHANGE ensures security, privacy integrity, and compliance via a Zero Trust and Zero Tolerance model. We follow a well-defined suite of Information Security Policies & Standards that guide the design, development, and operations of the product and services.

The AI & Analytics Engine is built with a security-by-design approach adhering to OWASP S-SDLC best practices. We employ state-of-the-art protection measures including, but not limited to, privilege account management, centrally managed endpoint protection, intrusion prevention system, and firewalls at different layers and segments of our infrastructure.


Collection and Use of Information

We may collect some personal information to better provide support and services to our users through the website and the AI & Analytics Engine. We maintain up-to-date policies including user notices, website terms of use, privacy policy, and the AI & Analytic Engine EULA.

Use machine learning to solve your biggest problems with peace of mind

We follow a strict Zero Trust & Zero Tolerance model.

The Engine is configured for High Available, Fault Tolerance, and Disaster Recovery requirements.

The Engine runs on Amazon Web Services (AWS). AWS upholds the highest security standards.

Data is encrypted in transit and at rest provided by AWS S3 Server Side Encryption (S3-SSE).

The Engine can be deployed flexibly to meet your security requirments.

Data-driven teams can unite to build value with data affordably and efficiently with a single end-to-end platform