Skip to main content
Security introduction

This is a general introduction to how Zive processes and protects customer data.

Updated over a week ago

When considering data security and safety, we always reflect and apply the following three aspects:

  • Security by design

  • Technical security

  • Operational security

All of these aspects and related measures are guaranteed by Zive contractually to its customers through the applicable contract work and the data processing agreements specifically.

Security by design

We believe that the most important security measures are already taken during the development of a software platform. This is when certain architectural design decisions are being made that ensure that the least amount of data necessary is being processed and that data is processed and stored securely. For example, a specific software architecture is required to ensure all data in transit and at rest can be fully encrypted with the latest encryption technology while making sure that the platform continues to perform at the desired speed.

Our software engineering teams are comprised of highly skilled and experienced software architects and developers who have decades of experience building reliable business software. Further, we make sure to keep our engineering teams trained on the latest security developments and technologies.

As a consequence, Zive was built from the ground up with security and personal data protection as a top priority. Our software architecture follows that of a state-of-the-art cloud platform, adopting patterns like least privilege, logical separation, service-oriented architectures, separation of concerns, and infrastructure as code. Due to this unique architecture, Zive does not require a full copy of the customer data. Instead, Zive only keeps a metadata representation (knowledge graph) due to power of the customers' searches and AI conversations.

Technical security

No software can work without data which is why it is important to apply strict security measures to protect the data actually used by an application. As described above, we have developed Zive to minimize the data needed as well as the transactions and places needed to store it. Click here to learn more about the type of data that Zive stores.

The data that is required for Zive to work is protected through a variety of technical measures, each of which we review and improve regularly according to current standards. These measures include, amongst others:

  • Encryption of all data in transit and at rest using the latest TLS and AES encryption technology

  • Data integrity validation using signatures/hashes

  • Regular system and software updates

  • Firewalls and virus scanning

  • Internal virtual networks

  • Pseudonymization wherever possible

  • Separation of production and development systems

  • Separation of different processing systems

  • Separation of different storage systems

  • Separation of tenant data

  • Logging and audit trails

This list only outlines the most critical and common practices applied by Zive. Please review your data processing agreement (DPA) with us which includes details about the specific detailed measures taken.

Operational security

Besides measures taken on the architectural and technical level, we apply all standard procedures on an operational level to ensure customer data is protected at all times. These measures include, amongst others:

  • Physical and virtual access controls

  • Strict access and account management

  • Device management

  • Separation requirements

  • Non-disclosure agreements with employees and sub-processors

  • Regular employee training

  • Logging and audit trails

  • External data protection officer

Did this answer your question?