Cybersecurity at Interactio

Privacy and security are at the heart of what we do at Interactio. That’s why our remote simultaneous interpretation platform is protected by multiple security features complemented by constant product supervision and updates. This way, you can rest assured: your data is always protected.

12+

Partners certifications

15

Memberships
at industry associations

3

Industry based compliance

How does Interactio approach your data?

Data retention

We always allow clients to choose how long they want the event data to be stored.

Supervised data deletion

We ensure safe data deletion process supported by the Department of Defence standards.

Transparent client communication

We always inform clients when the event’s data is about to be deleted and provide an opportunity to retrieve it if they wish to.

Servers located in Europe

In partnership with AWS, we have several server locations around Europe.

All the servers are isolated, used once, and then all data is wiped. Thus, no information on the event details, participants, or chats is stored.

Compliance certifications and attestations

ISO/IEC 27001

Information Security Management System (ISMS)

CSA

Cloud Security Alliance

CSA

Cloud Security Alliance
STAR tier 1

HIPAA

Health Insurance Portability and Accountability Act

OWASP

Open Web Application Security Project

GDPR compliance

General Data Protection Regulation

Interactio Compliance
Certifications and Memberships

ISECOM (Institute for Security and Open Methodologies) Silver Team Member

Platinum Member of ISACA (Information Systems Audit and Control Association, biggest association of information systems audit and management in the world, www.isaca.org)

Member of Open Web Application Security Project (OWASP)

Member of Lithuanian OpenBSD (www.openbsd.org) team

Member of The Chartered Institute of Information Security (CIISec)

Member of The Institute of Electrical and Electronics Engineers is a professional association (IEEE)

Member of ISO 24019 working group

Board member of LITHUANIAN STANDARDS BOARD (LST)

Member of CENELEC, who is responsible for European standardization in the area of electrical engineering

Member of The International Society of Automation (ISA)

Member of Information Systems Security Association (ISSA)

Member of Cloud Security Alliance(CSA)

Member of Escal Institute of Advanced Technologies, Inc., which does business as SANS Institute

International association of Privacy professionals (IAPP)

Our strategic partner’s certification

AWS

ISO 27 001  AWS is ISO 27 001 certified

SOC2 Type1 The latest SOC 2 Type 1

SOC2 Type1 The latest SOC 2 Type 2

Digital ocean

ISO 27 001  Digital ocean is ISO 27 001 certified.

SOC2 Type1 The latest SOC 2 Type 1

SOC2 Type1 The latest SOC 2 Type 2

OVH

ISO 27 001  AWS is ISO 27 001 certified

Our clients' data is protected by

P2P security

24/7 perimeter control

Encryption on transit

Encryption at rest and on transit

Annual security audits

White box

DLP technologies

TLS 1.3

Role-based access control (RBAC)

Regular trainings & penetration tests

Grey box

Business continuity plan

First step

All client data is duplicated among servers and among providers.

Second step

In the rare occurrence of any kind of server issue, the tech team switches data centers in minutes.

Third step

The servers used have the highest uptime of 99.998%.

If you want to know the current Interactio status regarding problem
troubleshooting

FAQ

Where are the servers located?

Where are the servers located?

Processor

Types of data accessed

Purpose for the data access

Data Location

PURPOSE

FURTHER INFORMATION

Digital Ocean

Personal data contained in communications customers send or receive remote simultaneous interpretation (RSI) platform “Interactio”

To provide media streaming functionality in remote simultaneous interpretation (RSI) platform “Interactio”

Frankfurt, Germany, European Union

OVH Hosting

Personal data contained in communications customers send or receive remote simultaneous interpretation (RSI) platform “Interactio”

To provide media streaming functionality in remote simultaneous interpretation (RSI) platform “Interactio”

Paris, France, European Union

Amazon web services

Personal data contained in communications customers send or receive remote simultaneous interpretation (RSI) platform “Interactio”

To provide service functionality in remote simultaneous interpretation (RSI) platform “Interactio”

Frankfurt, Germany, European Union

Processor: Digital Ocean

To provide media streaming functionality in remote simultaneous interpretation (RSI) platform “Interactio”

Personal data contained in communications customers send or receive remote simultaneous interpretation (RSI) platform “Interactio”

Data Location: Frankfurt, Germany, European union

Processor: OVH Hosting.

Personal data contained in communications customers send or receive remote simultaneous interpretation (RSI) platform “Interactio”

To provide media streaming functionality in remote simultaneous interpretation (RSI) platform “Interactio”

Data Location: Paris, France, European Union.

Processor: Amazon web services

Personal data contained in communications customers send or receive remote simultaneous interpretation (RSI) platform “Interactio”

To provide service functionality in remote simultaneous interpretation (RSI) platform “Interactio”

Data Location: Frankfurt, Germany, European union

Is the client’s personal data encrypted?

Is the client’s personal data encrypted?

Yes, the client’s personal data is well encrypted. Below you can find the encryption process:

  • For connecting to infrastructure services we use a master key which is stored in Key Management Service on AWS. 
  • Traffic encryption is ensured by generating a 1024-bit RSA key pair. We encrypt the data on the client’s side before sending it to the Interactio RSI platform, then decrypt received data from storage, and verify that the decrypted data is the same as the original.
  • For extra security, we use the Server-Side Encryption (SSE) option to encrypt data stored at rest. 
  • Key validation authority: Sectigo RSA Domain Validation Secure Server CA.

Do clients own their personal data?

Do clients own their personal data?

Yes, the customer owns their personal data during the event. If according to the contract, a client wants the data to be saved, then the data is stored for the stated period after the event. 

Does Interactio own their client’s personal data?

Does Interactio own their client’s personal data?

Customer Data does not belong to Interactio and is not collected except if stated otherwise in the contract.

Does Interactio decide what to do with their client’s personal data?

Does Interactio decide what to do with their client’s personal data?

At Interactio, we follow strict GDPR and ISO 27001 rules regarding client personal data. We have a clear process on how information and data should be managed, who is responsible, and in what conditions. Regular security and privacy training as well as the whole privacy framework ensure that rules and procedures are known to every single person at Interactio.

ISMS-A08-3 Information Classification Procedure.
ISMS-A15-1 Information Security Policy for Supplier Relationships.
ISMS-05-1 Information Security Policy V.1 Final.

For how long does Interactio store their client’s personal data when an event is over?

For how long does Interactio store their client’s personal data when an event is over?

The time period is determined in the client’s contract. However, if the conditions are not discussed, the data is stored for 6 months after data collection.

How can clients access their personal data?

How can clients access their personal data?

After the event, the customer administrator or event organizer can download data related to the event. All data is stored in the encrypted Amazon S3 repository or encrypted Aurora database and is available for as long as the contract terms are stipulated.

Resources for clients

Privacy notice

Privacy policy

Security whitepaper

Data protection agreement

Meet our Data protection officer

Karolis Aulosevičius

DPO at InteractioInternational

karolis@interactio.io

“The compliance and security team's mission is to ensure that we provide secure and reliable service to every single customer in the whole world. We do that with passion and appreciation.”

Karolis Aulosevičius - DPO at Interactio

karolis@interactio.io

Read more about security at Interactio

Zoombombing: What it is & How Interactio prevents it

Security

Oct 6, 2021

SAML authentication: Your five most frequently asked questions answered

Security

May 17, 2021

Fear to lose your data online? Here’s 5 ways Interactio protects your data

Security

Aug 21, 2020
See more