Security at SuperAnnotate

Secure by design

Your data security is our top priority, which is why we hold industry-accepted certifications and comply with current industry standards and regulations.

Encrypted data storage

SuperAnnotate allows you to upload data to its encrypted storage through the UI, CLI, or Python SDK. The uploaded data can be versioned and used for model training, model versioning, and deployment.

Any data or model created through SuperAnnotate’s encrypted storage solely belongs to its creator. SuperAnnotate is committed to never using or sharing any dataset or model created by its customers.

On-premise data, integrations in AWS, GCP, Azure, and more

With SuperAnnotate, you’re keeping your data on-premise. This provides greater control and privacy, as no sensitive information is shared with third parties. Our platform can be connected with any data source, allowing multiple people to collaborate and create the most accurate annotations in no time. You can also whitelist IP addresses, adding extra protection to your dataset. Learn how to set it up.

Offline access

For enterprises that work in environments without internet access, SuperAnnotate offers a fully on-premise solution. The software can be deployed either in your cloud infrastructure or on your own hardware. Our engineering team is available to help you deploy a version of our software onto your private cloud or local network.

Security FAQ

How is data access controlled at SuperAnnotate?

Access to data within the SuperAnnotate application is governed by role-based access controls (RBAC). SuperAnnotate has various permission levels for users within a team (team owner, team admin, project admin, annotator, etc.).

How are my passwords and credentials stored?

SuperAnnotate passwords and credentials are encrypted at rest and in transit:

  • Encryption at rest
    Data within SuperAnnotate is encrypted at rest in accordance with industry standards.
  • Encryption in transit
    All requests to SuperAnnotate must be made over the Transport Layer Security protocol (TLS). Clients must support Transport Layer Security (TLS) 1.0 or later. We recommend TLS 1.2 or later.

Our authentication system is HIPAA eligible and compliant with PCI DSS, SOC, ISO/IEC 27001, ISO/IEC 27017, ISO/IEC 27018, and ISO 9001.

Where is data hosted at SuperAnnotate?

SuperAnnotate uses AWS data centers in the United States. The services and data are hosted in Amazon Web Services (AWS) facilities (us-east-1) in the USA. All SuperAnnotate servers are within our own virtual private cloud (VPC) with network access control lists (ACLs) that prevent unauthorized requests from reaching our internal network.

How often does the company perform maintenance or release new features?

SuperAnnotate performs regular maintenance and deploys new features once every 3 weeks, on Sunday. The maintenance window usually lasts no more than an hour. For some complicated cases, it can take up to several hours. All our customers are notified beforehand.

What are the incident response steps?

Incidents are categorized based on their impact on the system. The process is defined step by step in the incident runbook. Every incident is followed up by post-mortem meetings and action items regarding the root cause. RSA is released for customers if appropriate.