Security, compliance and trust

Advanced cybersecurity measures and strict compliance with the existing legal framework.

Compliance and certifications

We ensure that our solutions comply with the most stringent security and privacy regulations, allowing you to operate with complete peace of mind:

GDPR Compliance

Provides omni-channel communications for aseamless experience.


Implement contextual messaging for more relevant interactions.


Offer digital promotions to toimprove customer relations.

ISO / IEC 27001

Provides omni-channel communications for aseamless experience.


Implement contextual messaging for more relevant interactions.


Offer digital promotions to toimprove customer relations.

ENS

(Esquema Nacional de Seguridad) RD311/2022

Provides omni-channel communications for aseamless experience.


Implement contextual messaging for more relevant interactions.


Offer digital promotions to toimprove customer relations.

DORA

Ley de Resiliencia Operativa Digital

Provides omni-channel communications for aseamless experience.


Implement contextual messaging for more relevant interactions.


Offer digital promotions to toimprove customer relations.

Our commitment to security

We understand the importance of a robust and transparent infrastructure. That's why our platform is governed by a shared responsibility model, where Aunoa takes care of the security of the platform and you, as the customer, retain control over your specific data and settings.

Data security measures

We implement a comprehensive set of measures to safeguard your information:

We always use HTTPS connections for access to our platform and for integration with third parties. Likewise, we apply data encryption in those cases where the sensitivity of the information requires it.

Authentication of users with access to the platform can be done by passwords or by integrating external Single Sign-On (SSO) systems via the SAML2 protocol. Internal passwords can be strengthened with two-factor authentication (2FA) via SMS, WhatsApp or email. In addition, access to the Aunoa platform is governed by a hierarchical permission scheme with three levels (roles) by default.

In no case does Aunoa use the data collected for a purpose other than that entrusted by the customer or share it with third parties. In the case of use for model training, personal data is appropriately pseudonymised so that no personal data forms part of the training datasets.

In agreement with the client, Aunoa develops the flows and interfaces necessary to collect, manage or withdraw consents in each channel, and to inform about the conditions of use and the exercise of ARCOP rights (Access, Rectification, Cancellation, Opposition and Portability).

Aunoa’s conversational channel interfaces are never directly connected to the backend, reducing high-risk threats. The perimeter of our infrastructure is monitored at multiple levels in real time.

Data retention and deletion strictly follow the guidelines set out by the GDPR, the ARCOP Rights, our internal information security policies and the ENS.

Security that evolves with you

We are constantly working to improve our standards and stay ahead of new threats. Want to know more about how we protect your data?