Secure Architecture
All your raw data remains in your own data warehouse which the Comparative algorithm uses for analysis, which generates a set of parquet files that are securely stored in Comparative’s private AWS Cloud Storage. All data is broken up and column headers are hashed to prevent any association with customer naming conventions
Additionally, our cloud-based application enforces the use of TLS/SSL/HTTPS protocols for communication with users. Our application is designed to limit user access by role, and users are limited to only retrieving the specific data that they have access to, on-demand, when viewing a dashboard.
Data Governance & Security Measures
We use logical access control designed to manage electronic access to data and system functionality based on authority levels and job functions, which allows administrators to configure access levels in their organizations.
Secure Personnel:
We pride ourselves on building a culture of excellence and accountability. Every member of our team undergoes training that highlights their obligation to protect the privacy, integrity, and security of customer data.
We use Rippling and Jumpcloud to manage all company devices and can lock or erase them at any time if required. Employees that need access to raw data for development or analysis must go through a Comparative API which verifies their credentials and determines whether they have permission to access the data. Additionally, we’re committed to:
We use Rippling and Jumpcloud to manage all company devices and can lock or erase them at any time if required. Employees that need access to raw data for development or analysis must go through a Comparative API which verifies their credentials and determines whether they have permission to access the data. Additionally, we’re committed to:
Continuous Team Training
Secure Software Development Lifecycle
Robust Testing Standards
You can learn more about our security measures by visiting the Data Processing Addendum.
Read DPA
Privacy
At Comparative, we manage personal data in a way that is both thoughtful and comprehensive. We continue to invest in data management policies in compliance with privacy regulations.
You can find more details about our approach on the Privacy Policy page.
Read Privacy PolicyContact Us
For additional information about our security and data governance policies please reach out to us at
security@comparative.ai
FAQs
Does Comparative have any Security Certifications, for example ISO27001, SOC2, or GDPR?
We are currently in the process of working toward ISO 27001 certification.
What is your product’s data security architecture? Architecture
All your raw data remains in your own data warehouse which the Comparative algorithm uses for analysis. This aggregate analysis generates a set of parquet files that are securely stored in Comparative’s private AWS Cloud Storage. All data is broken up and column headers are hashed to prevent any association with customer naming conventions.
Additionally, our cloud-based application enforces the use of TLS/SSL and HTTPS for communication with users. Our application is designed to limit user access by role, and users are limited to only retrieving the specific data that they have access, on demand, when viewing a dashboard.
Additionally, our cloud-based application enforces the use of TLS/SSL and HTTPS for communication with users. Our application is designed to limit user access by role, and users are limited to only retrieving the specific data that they have access, on demand, when viewing a dashboard.
Can customer data be deleted (GDPR)? Customer data deletion
All customer data is stored in either their own data warehouse or in our AWS S3 Cloud Storage. A request to our Strategy & Ops team can trigger a full removal of all customer associated data.
Can customer user data be deleted (GDPR)? Customer user data deletion
Our algorithm does not collect raw customer specific user data fields from your data warehouse.
Our SaaS application hold your employees username and password information for access; this can be deleted by the customer account owner at any time.
Our SaaS application hold your employees username and password information for access; this can be deleted by the customer account owner at any time.
Where is the Comparative customer data stored? Customer data storage
Comparative builds an ETL that runs and stores its output within the customer’s data warehouse. We use AWS for our web services which securely transmit encrypted data. Processed customer data is stored on our secure Comparative customer-specific AWS S3 bucket in a hashed Parquet file.
This Comparative customer specific AWS S3 bucket is hosting by default in USA however can be located in another AWS region if required.
This Comparative customer specific AWS S3 bucket is hosting by default in USA however can be located in another AWS region if required.
Does Comparative have any Security Certifications, for example ISO27001, SOC2, or GDPR?
- We use Rippling and Jumpcloud to manage all company devices and can lock or erase a device at anytime if needed.
- For AWS we use Multi-factor authentication (MFA) for all accounts, enforce password criteria, and rotate company keys on a regular basis.
- Employees that need access to raw data for development or reporting analysis must go through a Comparative API which verifies their credentials and determines whether they are allowed to access the data.