Priority to confidentiality and integrity of your data

Protection of
data and access

How does Innovatiana protect its customers' data?

Innovatiana applies high security standards to protect data. All communications are encrypted (TLS 1.2/1.3), and stored data is secured by advanced encryption (AES-256). Access to information is strictly limited to authorized persons, with multi-factor authentication (MFA) and real-time connection tracking.

Where is annotated data stored and is it encrypted?

Most of the time, the data we process is directly hosted in the secure environments of our customers, or on the platforms they use. When hosting on our side is required, we ensure that the data is stored on servers that comply with international security standards (ISO 27001, SOC 2), with systematic encryption of data in transit and at rest.

‍

We always distinguish raw data from associated metadata or annotations, making sure that the original files are never altered. This separation makes it possible to guarantee the integrity of the data and to adapt our practices to the level of sensitivity specific to each type of information.

‍

Who has access to data during the annotation process?

Only authorized annotators and supervisors have access to the data they need for their work. Each user is subject to strict access controls based on the principle of least privilege: an annotator only sees information that is essential to their task, with no ability to download or copy the data.

Does Innovatiana share data with third parties?

No Innovatiana does not sell or share customer data with third parties. All data remains under the exclusive control of the customer, and access to them is strictly regulated according to confidentiality agreements signed with our customers and partners.

Safety of infrastructures
and compliance

What safety standards are applied at Innovatiana?

Innovatiana follows internationally recognized security standards, including ISO 27001 and GDPR for data protection. Our infrastructures are regularly updated to incorporate the latest cybersecurity improvements.

Are Innovatiana's services compliant with GDPR and other data protection regulations?

Yes. We apply the General Data Protection Regulation (GDPR) as well as other data protection regulations depending on the customer's region (CCPA in the United States, PIPEDA in Canada, etc.). We guarantee that customer data remains confidential and is only used within the framework defined by our contractual agreements.

How does Innovatiana ensure the confidentiality of its clients' projects?

We have strict non-disclosure agreements (NDAs) in place with our employees and annotators. In addition, all data is processed in a secure environment, with restricted and controlled access. Our platforms prevent screenshots and data recording by annotators.

Are the platforms and tools used secure against cyberattacks?

Yes. We only use secure annotation platforms, with protections adapted to the type of data processed. Depending on the nature of the data and metadata, different security mechanisms are in place, but in all cases, the information is stored in compartmentalized and isolated environments, to avoid any risk of unauthorized access.

Safety of annotators and internet connection

Do data annotators in Madagascar have a reliable internet connection?

Yes. Contrary to popular belief, Madagascar has a stable and efficient Internet connection, especially in the big cities where our annotators are based. We ensure that all our employees have access to a high-speed connection and use tools that allow continuity of service, even in the event of network fluctuations.

How do we ensure that annotators don't keep copies of the data?

Our annotation platforms are designed to prevent data from being saved locally. Annotators cannot download or copy the files they process. In addition, we have implemented access restrictions and activity logs.

What measures are in place to avoid data leaks?

We apply several levels of security to minimize any risk of leaks:

• 🔒 Restricted access: Each annotator has access only to the data strictly necessary for his mission.
• 👁️ Continuous monitoring: The systems we recommend record user activities to detect any anomalies during the annotation process.
• 📜 Strict privacy policies: All of our employees and partners sign Non-Disclosure Agreements (NDAs).
• 🎓 Continuing education: Our teams are aware of best cybersecurity practices and follow regular sessions to update security protocols.

Policies internal and commitments

What types of contracts do annotators sign to ensure data confidentiality?

All of our annotators and collaborators sign strict non-disclosure agreements (NDAs) before accessing customer data. Each annotator is identified individually, which allows us to ensure complete traceability of all actions performed — unlike crowdsourcing platforms where contributors are often anonymous. The NDAs include clauses prohibiting any dissemination, copying, or storage of processed information, and any violation results in immediate sanctions up to and including legal proceedings.

What security commitments do you offer to sensitive customers (banks, health, defense, etc.)?

For sectors with a high level of confidentiality, we are implementing reinforced security protocols:

• 🛡️ Advanced encryption data in transit and at rest (AES-256)
• 🧩 Isolated workspaces and restricted access to sensitive projects.
• 🖥️ Dedicated servers hosted in certified data centers (ISO 27001, SOC 2, HDS, HIPAA, etc.).
• 🔐 Customizing access levels according to customer requirements.

What to do in case of a security problem or a suspected data leak?

If you suspect a security problem, we encourage you to contact us immediately via the address provided to you after the launch of your project. Our incident response team will analyze the situation and apply the necessary measures to secure the data concerned. We have put in place an incident management plan allowing rapid and effective management of any anomaly detected.