A Structured Approach to Security

We have developed and implemented a comprehensive set of policies, procedures, and controls to ensure the confidentiality, integrity, and availability of your data.

Specialized Teams in Security, Compliance, and Privacy

Retica has dedicated teams focused on security, privacy, and compliance, responsible for designing, managing, and continuously improving our defense systems. These teams:

• Implement advanced data protection measures,
• Continuously monitor our networks to detect any suspicious activity,
• Provide specialized consulting to our engineering teams.

We conduct regular internal audits and assessments with the support of accredited third parties. Additionally, we have appointed a Data Protection Officer (DPO) and adopted specific policies for data management, processing, storage, and disposal in compliance with the General Data Protection Regulation (GDPR).

For any questions about our privacy policy or GDPR compliance, you can contact our DPO at privacy@retica.ai.

Advanced Data Protection

Retica takes cutting-edge technical and organizational measures to protect data from accidental loss, alteration, unauthorized access or breaches. These include:

• Rigorous access controls, with strong authentication and limited privileges,
• Continuous monitoring and training of staff,
• Regular backups and data recovery procedures,
• Security incident management,
• Restrictions on data storage, printing and disposal,
• Technical protection of devices hosting data.

All these measures are in line with industry best practices and are constantly updated to ensure maximum security of your data.

Certifications and Conformity

Retica’s environment is HIPAA compliant and adheres to GDPR principles, ensuring maximum data protection.

The Health Insurance Portability and Accountability Act (HIPAA) is a US federal law that establishes requirements for the management of protected personal health data. Compliance with this regulation ensures that all information processed in Retica is managed with the highest level of confidentiality.

For European users, data is processed and stored within the European Union, in data centers located in Frankfurt (Germany) and Ireland, in full compliance with data protection regulations.

Data Center Location and Security

Customer data is hosted on Amazon Web Services (AWS) servers, a trusted provider trusted by leading companies such as Netflix, Pfizer, and Siemens. AWS ensures the highest security standards and holds numerous certifications, including SOC 1, 2, 3, and ISO/IEC 27001:2013, with periodic audits to ensure compliance.

To meet data residency requirements, we offer multiple AWS Region options, each with multiple Availability Zones to ensure high business continuity.

Multi-Tenant Architecture and Customization Options

By default, we use a multi-tenant architecture, where customer data is logically separated at rest and protected by strict security filters applied to all database queries. For specific needs, we also offer a single-tenant implementation with a dedicated database, available as a commercial option.