Skip to main content

Our Security Framework

It is critical for our customers to have peace of mind about the security of our product. The core of the Auto Insights business involves dealing with sensitive client data. From day one, we built our product and designed our business processes and Software Development Lifecycle with security and risk in mind.

Internal Policies and Procedures

With respect to our internal protocols, we have roles and responsibilities defined for information security, segregated across roles and individuals to avoid conflicts of interest and prevent inappropriate activities. We have human resource policies and background checks for sensitive roles. We conduct security training for all new employees, and a formal disciplinary process is in place to handle information security incidents allegedly caused by staff.

Data Security

We employ mobile devices and teleworking policies and controls for mobile devices (such as laptops, tablet PCs, smartphones, and removable media). We have strict access controls to manage the allocation of access rights to users from initial user registration to removal of access rights when no longer required. Information access is restricted in accordance with the access control policy and to the minimum necessary privileges. All client data is encrypted both at rest and in transit. If our clients have data sovereignty requirements, we ensure their data is stored in the required geographical region.

For our customer data, we employ Microsoft's cloud solution, Azure which is accredited, reputable, and industry-renowned for its approach to data security.

We have implemented policies around operations security such as IT operating responsibilities and procedures, Backups, Logging & monitoring, Technical vulnerability management, and Information systems audit considerations.

Risk Management

We are constantly reviewing our business continuity management at the board level, and the Information security continuity and redundancies in all the levels below.


We identify and document our obligations to external authorities and other third parties in relation to information security, including intellectual property, business records, privacy/personally identifiable information, and cryptography. We also conduct external and independent security reviews to enhance our security and ensure that the highest security standards are utilized and met for our customers.