Security and Privacy
at muffintech
Security and Privacy
at muffintech
Security and Privacy
at muffintech
At muffintech, the security of your data is our top priority. In a world driven by artificial intelligence, we understand how important the protection of personal information is.
At muffintech, the security of your data is our top priority. In a world driven by artificial intelligence, we understand how important the protection of personal information is.
Outline
Outline
Hosting and data processing in the EU
Hosting and data processing in the EU
Automation tool for detecting personal data
Automation tool for detecting personal data
Continuous monitoring and threat detection
Continuous monitoring and threat detection
Data processing and protection measures
Data processing and protection measures
Data protection guarantee
Data protection guarantee
Safe AI
Safe AI
Security at muffintech is non-negotiable. We rely on the best technologies and comprehensive measures to protect your data and privacy. Your trust is our highest priority, and we ensure that all users have a safe and reliable experience.
Security at muffintech is non-negotiable. We rely on the best technologies and comprehensive measures to protect your data and privacy. Your trust is our highest priority, and we ensure that all users have a safe and reliable experience.
Safe AI – security you can trust
Safe AI – security you can trust
01
01
As proof of our commitment, we have appointed Tomas Gan as Chief Information Security Officer (CISO). Through these measures, we ensure compliance with legal and regulatory requirements, while reinforcing the trust of our partners and customers.
As proof of our commitment, we have appointed Tomas Gan as Chief Information Security Officer (CISO). Through these measures, we ensure compliance with legal and regulatory requirements, while reinforcing the trust of our partners and customers.
Our Information Security Management System (ISMS) is certified according to ISO 27001:2022, and we use continuous audits and monitoring systems to ensure the protection of your data. We identify, assess, and minimize all data protection risks through stringent security controls.
Our Information Security Management System (ISMS) is certified according to ISO 27001:2022, and we use continuous audits and monitoring systems to ensure the protection of your data. We identify, assess, and minimize all data protection risks through stringent security controls.
Data protection guarantee
Data protection guarantee
02
02
We implement comprehensive Technical and Organizational Measures (TOM) to ensure the security and protection of personal data. Our employees undergo regular training, and compliance with these measures is routinely monitored.
We implement comprehensive Technical and Organizational Measures (TOM) to ensure the security and protection of personal data. Our employees undergo regular training, and compliance with these measures is routinely monitored.
Technical and organizational measures (TOM) in accordance with the GDPR
Technical and organizational measures (TOM) in accordance with the GDPR
We maintain detailed records of all processing activities, including risk analyses and Data Protection Impact Assessments (DPIA), to ensure compliance with all data protection requirements. Third parties involved in our data processing are subject to strict contractual agreements.
We maintain detailed records of all processing activities, including risk analyses and Data Protection Impact Assessments (DPIA), to ensure compliance with all data protection requirements. Third parties involved in our data processing are subject to strict contractual agreements.
Documentation of data processing
Documentation of data processing
muffintech strictly adheres to the legal foundations of data processing. New processes are developed with a strong focus on data protection, and we have implemented strict IT usage policies to ensure both data privacy and compliance with AI regulations.
muffintech strictly adheres to the legal foundations of data processing. New processes are developed with a strong focus on data protection, and we have implemented strict IT usage policies to ensure both data privacy and compliance with AI regulations.
Data protection regulations and AI Act compliance
Data protection regulations and AI Act compliance
Our employees are thoroughly trained and committed to adhering to data protection policies, promptly reporting incidents, and participating in regular audits to ensure compliance with data protection regulations.
Our employees are thoroughly trained and committed to adhering to data protection policies, promptly reporting incidents, and participating in regular audits to ensure compliance with data protection regulations.
Internal protective measures
Internal protective measures
Data processing and protection measures
Data processing and protection measures
03
03
Our advanced security solutions identify vulnerabilities and threats as they emerge, and respond immediately to protect the integrity of your data. In the event of an incident, we promptly notify both the authorities and the affected individuals if necessary.
Our advanced security solutions identify vulnerabilities and threats as they emerge, and respond immediately to protect the integrity of your data. In the event of an incident, we promptly notify both the authorities and the affected individuals if necessary.
Real-time threat detection and prevention
Real-time threat detection and prevention
Our systems are active around the clock to detect potential security threats in real time and address them immediately. Thanks to our continuous monitoring processes, we ensure that your data is protected at all times.
Our systems are active around the clock to detect potential security threats in real time and address them immediately. Thanks to our continuous monitoring processes, we ensure that your data is protected at all times.
24/7 protection for your data
24/7 protection for your data
Continuous monitoring and threat detection
Continuous monitoring and threat detection
04
04
We have developed an automation tool that can identify and anonymize personal data. This tool can be implemented upon request to ensure additional security measures. We always process personal data within the framework of data processing agreements (DPA) and do not use chat data for model training.
We have developed an automation tool that can identify and anonymize personal data. This tool can be implemented upon request to ensure additional security measures. We always process personal data within the framework of data processing agreements (DPA) and do not use chat data for model training.
Automation tool for detecting personal data
Automation tool for detecting personal data
05
05
All data is hosted on Microsoft Azure servers in Frankfurt, within the EU. We ensure that all data processing complies with the stringent requirements of the GDPR and guarantee that no data is used for model training. Microsoft contractually commits to using the data solely for the purposes agreed upon in the contract.
All data is hosted on Microsoft Azure servers in Frankfurt, within the EU. We ensure that all data processing complies with the stringent requirements of the GDPR and guarantee that no data is used for model training. Microsoft contractually commits to using the data solely for the purposes agreed upon in the contract.
Hosting and data processing in the EU
Hosting and data processing in the EU
06
06
Person responsible at muffintech
Person responsible at muffintech
Our founder, Tomas Gan, serves as COO and CISO, overseeing all information security and data protection matters. He ensures that all processes meet the highest security standards and are GDPR-compliant, leading the ISMS and being responsible for the ISO27001 certification.
Our founder, Tomas Gan, serves as COO and CISO, overseeing all information security and data protection matters. He ensures that all processes meet the highest security standards and are GDPR-compliant, leading the ISMS and being responsible for the ISO27001 certification.