top of page

SCOUT AI

Scout Scurity Detail.png

Security & Privacy Details

images_edited.jpg
download.png
images_edited.jpg
Ambersearch

Ambersearch interface provided to Black Box Scout Ai:

  • Certified, sovereign hosting: AmberSearch runs on EU infrastructure with recognised security certifications, providing robust protection and European data sovereignty.

  • GDPR compliance and role‑based access: It aligns with GDPR and preserves your existing roles and permissions, ensuring traceable, least‑privilege access across your organisation.

  • Privacy‑first architecture: Designed to minimise exposure to third‑party AI, keeping sensitive data under your control.

  • No training on customer data: AI models are not trained on your content, preventing leakage or memorisation.

  • Minimal personal data processing: The service avoids unnecessary processing and storage of personal data, reducing privacy risk by design.

  • Documented security controls: Operations follow ISO‑aligned practices with clear technical and organisational measures for ongoing protection.

  • Secure integrations: Connectors operate within controlled environments, enabling safe retrieval and use of knowledge across your systems.

​

AmberSearch safeguards security and privacy for client data through a combination of certified infrastructure, strict compliance, and privacy‑first product design.

  • Certified, sovereign hosting: By default, AmberSearch is hosted on German servers in the Open Telekom Cloud, which carries certifications including ISO 27001, SOC2, TISAX, and BSI C5, ensuring a hardened environment and EU data sovereignty for AI operations within secure, localised infrastructure .

  • GDPR compliance and access‑rights preservation: The platform is fully GDPR‑compliant and integrates with existing company roles and rights, maintaining current access permissions without creating parallel access structures, so data remains protected and traceable across the organisation .

  • Privacy‑first architecture for SMEs: AmberSearch provides a plug‑and‑play, privacy‑first solution designed to avoid exposure to third‑party AI providers, addressing SME concerns about integration complexity, data security risks, and IT resource constraints while keeping sensitive data under full control .

  • No training on customer data: AI models are not trained using customer data, preventing inadvertent leakage or model memorisation and aligning with GDPR and emerging EU AI Act requirements .

  • Minimal personal data handling: The service’s purpose is not to process personal data, and it does not store user data, reducing privacy risk and compliance exposure by design .

  • Ongoing security posture: AmberSearch maintains ISO 27001 and SOC2 standards, supported by DPAs, defined technical and organisational measures, and a documented SaaS security concept, providing contractual and technical assurance for data processing and protection .

  • Secure integration and knowledge management: Deep integration within a company’s own IT environment ensures operations run inside controlled, compliant systems while AmberSearch manages connectors and knowledge retrieval securely across silos without compromising data protection .

Together, these measures deliver end‑to‑end protection: certified EU hosting, strict GDPR compliance, preserved access rights, privacy‑first AI usage without training on client data, and documented security controls—so teams can safely search, interact with, and automate against internal knowledge using AI .

Fasthosts
download.png

Security foundations and certifications

  • ISO 27001–certified data centres: Fasthosts operates within ISO 27001–accredited environments, indicating rigorous controls over people, processes, and technology for information security best practice .

  • Continuously monitored security posture: Independent monitoring (e.g., UpGuard) assesses Fasthosts’ external attack surface across website, email, phishing/malware, reputation, and network security, contributing to an overall security rating and highlighting ongoing oversight of risks .

Platform security controls

  • Free SSL certificates: SSL is included with hosting plans to encrypt data in transit, protecting customer transactions and improving trust and SEO signals .

  • DDoS protection: Network‑level safeguards help mitigate distributed denial‑of‑service attacks to maintain availability .

  • Automatic backups: Nightly or scheduled backups enable data recovery and resilience against loss or corruption; Acronis‑powered options offer advanced backup and disaster recovery with granular restore .

  • Malware scanning and removal: Site security services include scanning and remediation to reduce the risk of compromise .

  • Managed firewalls and access control (VPS): Customers can define firewall policies and rules per server or across servers to tightly control network access .

Operational reliability and support

  • High availability and uptime commitment: Fasthosts cites a robust infrastructure with UK data centres and a 99.9% uptime guarantee to support continuous, secure operations .

  • 24/7 support and knowledge base: Around‑the‑clock assistance and documentation help customers implement and maintain secure configurations effectively .

Privacy protections and governance

  • Privacy Notice and data handling: Fasthosts limits access to personal data to those with a genuine business need, enforces confidentiality, and partners only with organisations that apply appropriate safeguards; systems are regularly tested, and breach procedures are in place .

  • Cookie policy transparency: The cookie policy explains how data may be processed via cookies, links to the privacy policy, and identifies when third‑party data sharing may occur, supporting informed consent and compliance .

  • Acceptable Use Policy (AUP): Sets standards for user content and behaviour, prohibiting abusive or privacy‑invasive activities and clarifying misuse handling, which helps protect other users’ data and the platform’s integrity .

  • Terms of Service and policy framework: Centralised terms and policies (including complaint escalation and privacy) define responsibilities and controls around data processing and service use .

Secure guidance and best practices

  • Vendor guidance on securing servers: Fasthosts provides practical advice (e.g., prefer SFTP over FTP, implement IDS, keep regular backups, database hardening) to help customers configure their environments securely, reducing risks of interception or intrusion .

Summary

  • Fasthosts combines certified infrastructure (ISO 27001), encryption (SSL), DDoS protection, malware defences, backups with Acronis options, and managed network controls, underpinned by monitored security posture and 24/7 support for strong data security in practice .

  • On privacy, Fasthosts’ Privacy Notice, cookie transparency, and AUP emphasise least‑necessary access, confidentiality, vetted subprocessors, continuous testing, and defined breach procedures, giving customers governance and clarity over how personal data is protected and processed .

Looking to Implement an Efficient Document Management System?

bottom of page