Security & privacy architecture

Overview of our measures to keep your data safe

ISO 27001:2022

Since 2021, Orion Intelligence is certified for ISO 27001: Information Security Management. This certification confirms that we have implemented adequate processes and infrastructure for secure data handling.

ISO 27701:2019

Since 2021, Orion Intelligence also holds certification for ISO 27701: Privacy Information Management. This certification ensures our compliance with various privacy regulations globally.

EN 50518

For alarm monitoring centers: the use of the Orion Intelligence platform is compliant with European Norm 50518 (amendment A1:2023)

Security penetration testing

Regular security penetration tests are conducted on our platform and infrastructure by an external party. Our latest reports have awarded us the highest possible mark for security.

Data deletion policies

What you don't have can't be stolen. Our platform enforces strict deletion policies to remove Personally Identifiable Information (PII) as soon as it is no longer needed, minimizing the risk of data breaches.

Privacy compliance

Orion Intelligence is explicitly compliant with the EU's and UK's GDPR, United States' Federal data legislation, Canada's PIPEDA, Swiss Federal Act on Data Protection, and the Australian Privacy and Data Protection Act.

Global data segregation strategy

Our infrastructure is globally segregated to ensure data remains within the legal boundaries. For instance, EU data is hosted within the EU, US data within the US, and Canadian data within Canada, etc.

Data processing agreements (DPA)

With each contract, a data processing agreement is concluded. Orion Intelligence has a standard DPA but is also willing to collaborate with customers' legal and privacy teams to accommodate their specific DPA requirements.

CiTiP

Orion Intelligence has a close link with CiTiP, the Centre for IT & IP Law at the University of Leuven (KUL). CiTiP researchers are renowned for their contribution in drafting the EU's GDPR as well as the EU's AI Act.

Multi-Factor Authentication (MFA)

Orion Intelligence employs Multi-Factor Authentication (MFA) to enhance security. By requiring multiple forms of verification, we ensure that only authorized users can access sensitive data and systems.

Least Access Privilege

We implement a least access privilege model, granting users the minimum access necessary to perform their tasks. This approach minimizes potential security risks by restricting unnecessary access to sensitive information.

Privacy by design

Orion Intelligence works together with the DistriNet research unit of the University of Leuven (KUL) on a privacy-by-design methodology.

Encryption at rest & in transit

All data transferring in and out of our platform is encrypted, as is data stored on our systems, adhering to the latest industrial standards.