At Dialog Insight security is our priority!
To comply with applicable laws and protect your data, we have :
Have peace of mind, your data is safe at Dialog Insight!
Dialog Insight is ISO27001 certified, an international standard for information security.
The International Organization for Standardization 27001 (ISO 27001) is an information security standard that ensures the confidentiality, integrity and security of offices, development centers, support centers and data centers.
The SOC (System and Organization Controls) certification was created by the American Institute of Certified Public Accountants (AICPA) with the objective of guaranteeing the protection of data against unauthorized access and cyber threats.
Dialog Insight performs annual SOC II audits on information security, availability, processing integrity, privacy and confidentiality.
Alain Marceau, Vice-President Finance and Founder, is the Data Protection Officer at Dialog Insight.
To reach him, email dpo@dialoginsight.com or call +1 866 529-6214.
The “Data Protection Officer” or “Data Privacy Officer” (DPO) is a term used to designate the “person responsible for setting up and securing the personal data” used by a company. Its role is to ensure that the processes are properly aligned with the laws and regulations in force in the industry.
Dialog Insight complies with data confidentiality and privacy laws in Quebec, Canada, the United States, the European Union, and elsewhere in the world.
Our technical teams work with specialist lawyers to ensure that our products and features comply with international spam and privacy laws.
Dialog Insight complies with the new Law 25 requirements. We have :
In the event of a confidentiality incident, Dialog Insight will immediately notify the Commission d’accès à l’information du Québec (CIAQ) and the persons concerned, if the incident presents a risk of serious prejudice.
Dialog Insight was the first Canadian company to deploy a solution meeting the requirements of Bill C-28, in order to manage consents.
Through our platform’s consent center, you easily control explicit and implicit sending rights. You can communicate without concern with your contacts according to the consents they have granted you.
Dialog Insight allows you to comply with the regulations in force in the European Union regarding the protection of personal data, such as:
The Dialog Insight platform is encrypted using a TLS protocol.
Login pages and API logins are protected against brute force attacks.
Dialog Insight account passwords are secured by a hashing algorithm. No one can access it, even our team. If you lose your password, it cannot be recovered, it will be reset.
As a security measure, we regularly perform security penetration tests using various external providers. Testing involves high-level server penetration testing, extensive testing for vulnerabilities inside the platform, and social engineering testing.
We also offer single sign-on for connecting to our platform via our customers’ SAML identity provider (IdP). Thanks to this option, the client user already connected to their system will be able to use the Dialog Insight platform without having to connect to it, since he is already authenticated in a first system. Dialog Insight strongly recommends the implementation of such a data protection measure.
Our data centers are protected, 24 hours a day, 7 days a week, with biometric scanners and state-of-the-art elements in the field of computer security.
We have implemented DDoS attack mitigation measures in all our data centers.
We have a documented infrastructure continuity plan in the event of an attack on our data centers.
All data under our responsibility is saved in highly secure environments with very strict access, and in compliance with the laws in force in their respective countries.
The data of our Canadian customers is hosted in Canada, that of our French customers is hosted in France.
Data is mirrored and regularly backed up offsite.
All databases are kept separately and are protected against corruption and overlap. We have several logic circuits to separate user accounts from each other.
You can decide the level of access you grant to your employees. At any time, you can define the permission and rules specific to each of your users.
Access to your data by our team is granted only upon approval and is limited to those who absolutely must obtain it to manage your account.
Dialog Insight premises are secured with biometric and key card access. They are monitored by infrared cameras 24 hours a day.
We have an internal security team dedicated to monitoring our environment and looking for possible vulnerabilities. They perform penetration testing and social engineering exercises in our environment and with our employees.
Dialog Insight trains its employees in security best practices, including how to identify social engineering, phishing scams and hacking.
Teams with access to customer data undergo criminal background checks, as well as pre-employment credit checks.
All employees sign a privacy agreement outlining their responsibility to protect customer data.
To protect our business, we have taken out a comprehensive insurance program that covers:
In the event of an incident, if your computer is compromised or someone enters your account, Dialog Insight automatically suspends accounts with irregular or suspicious login activity.
Furthermore :
If you have discovered a vulnerability in the platform or believe your account has been compromised, contact us by email at dpo@dialoginsight.com.