Security
Compliance
Privacy
At Dialog Insight security is our priority!
Have peace of mind, your data is safe at Dialog Insight!
To comply with applicable laws and protect your data, we have :
- established strict rules of governance,
- defined exemplary security measures,
- set up rigorous control processes,
- and follow industry best practices.
Dialog Insight complies with data privacy and protection laws in Québec, Canada, the United States, the European Union, and other jurisdictions worldwide.
Our technical teams work closely with legal experts to ensure our products and features comply with international anti-spam and privacy regulations.
Compliance
Dialog Insight helps you meet the new requirements of Law 25.
Whether it’s managing consent preferences, accessing personal data, platform processing, or data security, we provide clear answers and effective solutions to support your compliance needs.
Since all data is fully hosted in Québec, your Privacy Impact Assessment (PIA) process is simplified. No data is exposed to jurisdictions lacking equivalent privacy protection.
We enter into written agreements with our clients to meet all regulatory requirements.
Dialog Insight was the first Canadian company to deploy a solution meeting the requirements of Bill C-28, in order to manage consents.
Through our platform’s consent center, you easily control explicit and implicit sending rights. You can communicate without concern with your contacts according to the consents they have granted you.
Dialog Insight allows you to comply with the regulations in force in the European Union regarding the protection of personal data, such as:
- The right to be forgotten and the destruction of data on request
- Data retention
- Data accessibility
Protection and security
At Dialog Insight, data protection is taken seriously.
The Dialog Insight platform complies with the highest standards and norms of data protection.
Our audit reports and certifications, including ISO 27001 and SOC 2 Type 2, confirm that our management processes are effective at the expected level.
A series of data encryption measures are used to ensure enhanced protection as data flows through our environment (TLS, TDE, etc.), to prevent it from being visible.
To validate our security effort, we regularly carry out security penetration tests using external providers. The tests involve high-level server intrusion testing, as well as in-depth vulnerability testing inside the platform.
Other access-level protection measures are in place for users, including access restricted to IP address ranges.
In addition, single sign-on is available for connecting to our platform through our clients’ SAML identity provider (IdP). Thanks to this option, the client user already connected to their system can use the platform without having to log in again, since they are already authenticated in a first system.
Dialog Insight strongly recommends the implementation of such a data protection measure to its clients.
Our data centers meet our security and reliability requirements.
The data rooms are protected and access is controlled 24/7, with biometric scanners, surveillance cameras, and IT security procedures.
All data under our responsibility is stored in highly secure environments with strict access controls, and in full compliance with the laws of their respective countries.
Canadian client data is hosted in Canada, while French client data is hosted in France.
Data is mirrored and regularly backed up offsite.
All databases are stored separately and are protected against corruption and overlap.
We use multiple logical circuits to keep user accounts fully isolated from one another.
You have full control over the access level you grant your employees. At any time, you can define individual permissions and rules for each of your users.
Access to your data by our team is granted only with your approval, and is limited to authorized personnel who absolutely need it to manage your account.
The Dialog Insight offices are secured, and employees operate in a controlled environment.
We have a dedicated internal infrastructure team responsible for the proactive management of our environment and for monitoring potential vulnerabilities.
Access to client data is limited, and our staff can only access authorized information, with measures proportional to the sensitivity of the data they handle.
Dialog Insight trains its employees in security best practices, including how to recognize social engineering, phishing scams, and hacking attempts.
Teams with access to client data undergo criminal background checks and pre-employment credit screenings.
All employees sign a privacy agreement outlining their responsibilities in protecting client data.
To protect our business, we have subscribed to a comprehensive insurance program that covers:
Errors and omissions liability incidents
Cyber liability incidents
Property and business interruption incidents
General liability incidents
Alain Marceau, Vice President of Finance and Co-Founder, is the Data Protection Officer at Dialog Insight. To contact him, send an email to dpo@dialoginsight.com or call +1 866 529-6214. *The Data Protection Officer (DPO), also referred to as Data Privacy Officer, is the person responsible for overseeing the implementation and safeguarding of personal data used by an organization. His role is to ensure that all processes align with current industry laws and regulations.
If you have discovered a vulnerability in the platform or believe your account has been compromised, contact us by email at dpo@dialoginsight.com.
