Privacy is integral to Loris. In fact, safeguarding personal data is at the heart of everything we do. It’s the reason we draw our insights from anonymized, aggregated data that have been scrubbed of Personally Identifiable Information (PII). We retain only non personally identifiable data, so that we may continue to use it to improve our services.
We further take security precautions, including encryption, administrative, technical, and physical measures, to protect your Personally Identifiable Information from loss, theft, misuse, unauthorized access, disclosure, alteration, and destruction.
We store all information on servers and we only permit approved Loris employees and third parties to access those servers pursuant to the practices described above.
However, perfect security does not exist anywhere, including for text messaging/SMS data. Although we take very strong and appropriate measures to safeguard against unauthorized disclosures of information, we cannot guarantee that PII will never be disclosed in a manner inconsistent with this policy, and make no representations or warranties regarding the sufficiency of our security measures to prevent unauthorized access or interception by third parties.
Given Loris.ai’s focus on empathy, it’s a logical extension for Loris.ai also to be focused on user privacy and ensuring that our users are comfortable with our data protection and security practices, policies, and procedures. As a significant element of that effort, we are actively evaluating those practices, policies, and procedures against the requirements of both GDPR and CCPA.
However, we’re not only concentrating on compliance. Given the heightened attention on data protection and the significance of user trust, we are viewing “privacy by design” – which is mandated by GDPR – not just as a legal obligation, but also as crucial to growth and industry leadership. While we intend for the Loris.ai product to ingest significant amounts of data, we want to avoid ingesting data that is not needed to operate or improve our business or technology. We also want to ensure that our practices are aligned with users’ expectations.
In addition, it is not just GDPR and CCPA on which we will be focusing. Other countries are following the EU with similar general privacy laws – among them, Brazil will be implementing its General Data Protection Law in August 2020, and India likely will be implementing its Personal Data Protection Bill not long after that. Similarly, numerous U.S. states in addition to California – including New York – have proposed privacy legislation that is under active review.
To help guide our privacy efforts, we work with outside legal and privacy experts as well as outside security consultants to ensure implementation of appropriate security procedures and practices.
Our platform is hosted in Oregon, USA.