Security and Compliance
Q: Is TestingAIde GDPR compliant?
A: Yes. TestingAIde is fully aligned with GDPR requirements. All user data is processed with transparency, stored only for its intended purpose, and deleted upon request. Users maintain full control over their personal data, and consent is obtained before any data processing activities.
Q: How is my data protected within the platform?
A: Data protection is ensured through multiple security measures, including:
- Encryption in transit and at rest using industry-standard protocols (TLS 1.2+ and AES-256).
- Role-based access control (RBAC) to restrict sensitive data visibility.
- Segregated environments to isolate customer data and workloads.
- Regular penetration testing and continuous monitoring for vulnerabilities.
Additionally, sensitive credentials (such as API keys and access tokens) are stored securely in encrypted vaults and never exposed in plain text.
Q: Are audit logs maintained for user actions?
A: Yes. TestingAIde maintains comprehensive audit logs for compliance and security purposes. These logs capture:
- User login and logout activities.
- Configuration changes and updates.
- Test executions and modifications.
- Dataset and model access history.
Audit logs can be utilized for compliance reviews, internal audits, or regulatory checks.
Q: Which compliance standards does TestingAIde support?
A: TestingAIde is designed with enterprise-grade compliance in mind and adheres to standards such as:
- GDPR (General Data Protection Regulation)
- ISO 27001 (Information Security Management)
- SOC 2 Type II (System and Organization Controls)
- Industry-specific compliance needs such as HIPAA or PCI DSS, depending on customer use cases.
Q: Can I restrict data residency to a specific region?
A: Yes. Customers can configure regional data residency policies to ensure their datasets and test artifacts remain within specific geographic boundaries (e.g., EU, India, US). This helps meet local compliance and data sovereignty requirements.