Security, Privacy, and Compliance
Adzact is committed to prioritising security and privacy. We recognise the importance of our clients' data, ensuring it always remains under their control, with no personal information on advertising targets held. Our robust security, privacy, and compliance measures are verified by multiple third parties, ensuring adherence to industry standards and certifications.
To access policies and terms go to our Trust and Policy Centre
Security Controls
Our security framework is designed for continuous monitoring and enhancement. It encompasses a comprehensive architecture, embedding security at every level – from application design to infrastructure deployment.
Security Architecture
Adzact’s defence-in-depth approach to security uses best practices across all platform aspects and business processes. This includes:
Application Security
We ensure that applications do not execute with root privileges. Activities are closely monitored through centralised logging, and access to databases is tightly controlled. All API requests are thoroughly authenticated, and data in transit is protected with 256-bit SSL encryption.
Infrastructure Security
Our servers, hosted on AWS in Ireland, align with EU data residency requirements. They are configured with minimal software, strong user account controls, and SSH key pair authentication, ensuring that data transfers remain encrypted.
Storage Security
Client data, crucial for training our machine learning models, is processed and stored separately from our application database. Access to this data is restricted to a select group of employees, based on their role requirements.
Employee Controls and Ongoing Testing
Adzact fosters a security-conscious culture. Employees are regularly trained in privacy and security practices and are bound by confidentiality agreements. Our security stance is continuously validated through phishing simulations, external penetration testing, and proactive vulnerability assessments.
Data Privacy
We are fully compliant with GDPR and other relevant data privacy laws. Our practices are regularly reviewed by independent legal experts to ensure transparency and client control over their data. We focus on collecting only essential company-level data, avoiding personal data, and ensuring secure, consent-based collection and usage.
Client Onboarding and Data Management
The client onboarding process is transparent, detailing the specific business data we require and the secure methods of its transfer and storage. We use SFTP for secure data transmission, with encryption at rest to further protect client data within our systems.
Compliance and Transparency
Our compliance with GDPR and other privacy regulations is foundational to our operations. We provide detailed documentation on our compliance strategies and data handling practices, ensuring clients are well-informed throughout their journey with us.
Data Ownership and Portability
Clients maintain full ownership of their data. We use this data exclusively for developing targeted digital advertising models. This data is kept separate and secure, used only for the purposes agreed upon with the client.
General Data Protection Regulation (GDPR)
Adzact’s adherence to GDPR is comprehensive. We engage in data processing agreements with clients, incorporating standard contractual clauses for data security. For more information, visit our GDPR and sub-processors pages, or contact us at privacy@adzact.com
Platform and Infrastructure Security
Our platform architecture is designed to ensure the utmost privacy and security of client data. This is achieved through segregated customer data storage in virtual private clouds and the use of trusted cloud hosting providers like Amazon Web Services. We employ advanced encryption techniques and follow best practices in software development, including regular security reviews and penetration testing.
Business Continuity and Disaster Recovery
We have robust business continuity and disaster recovery plans in place, ensuring our services remain resilient and reliable.
Ongoing Compliance and Auditing
We conduct regular security audits. This commitment to continuous improvement is a cornerstone of our security strategy.
Technical Security and Compliance
Our security measures include a state-of-the-art Web Application Firewall, DNS security, and stringent data encryption protocols. Our AWS infrastructure is rigorously managed, employing best practices in infrastructure management and code security, ensuring the highest levels of protection.
Client Support and Business Continuity
Each client is supported by a dedicated customer success account manager, ensuring personalised attention and continuity. Our business continuity plans guarantee minimal downtime and swift recovery in case of any disruptions.
Openness and Accountability
Our Security and Trust Whitepaper, available upon request, details our comprehensive security practices. We invite feedback and continually evolve our security measures to maintain the highest standards.
For more information or inquiries about our security and data privacy practices, please contact our security team at security@adzact.com. We are dedicated to ensuring the trust and security of our clients at all times.