Get Started

Data Security Policy

Effective Date: August 05, 2025

 

This Data Security Policy outlines Arahi AI’s commitment to protecting data processed through our agentic AI platform (the “Service”). It applies to all employees, contractors, and systems handling sensitive data.

1. Purpose

To establish measures for protecting data from unauthorized access, loss, or breach, ensuring compliance with laws like CCPA and GDPR.

2. Scope

Applies to all data classified as sensitive, including Personal Data, Conversation Data, and Usage Data. Excludes public data.

3. Principles

  • Access based on least privilege.
  • Data encrypted in transit (TLS) and relevant data at rest (AES-256).
  • Regular training on security.

4. Technical Measures

4.1 Access Controls

Unique user IDs, multi-factor authentication, role-based access.

4.2 Network Security

VPN for remote access, firewalls, intrusion detection.

4.3 Data Encryption

All sensitive data encrypted.

4.4 Monitoring

Logs reviewed for anomalies; regular audits.

5. Organizational Measures

  • Employee confidentiality agreements.
  • Incident response plan: Notify affected parties within 72 hours of breach.
  • Sub-processors vetted and bound by DPAs.

6. Physical Security

Data centers with access controls, surveillance.

7. Compliance and Audits

Annual reviews; cooperate with regulators. We maintain SOC 2 compliance where applicable.

8. Breach Response

In case of breach, we isolate, investigate, and notify as required.

9. Employee Responsibilities

Report incidents; adhere to policies.

10. Review

This policy is reviewed annually or after incidents.

Contact: For questions, email support@arahi.ai.

Join the Betalist

We will send you an invitation to join our platform, keep an eye in your inbox