The information security and privacy protection of users have always been regarded as the first priority of our enterprise production. Your experience in using AiDot products, such as using AiDot Cameras to record family conditions, turning off lights through the AiDot application,and storing data in the AiDot cloud... All background activities should be carried out under your thought and control. We keep this in mind: your privacy is crucial to us.
In order to provide you with our services, we only collect personal necessary information as little as possible. In order to further protect your privacy, we will process data locally on your device as much as possible to reduce the amount of personal information we upload to the server.
We will only collect your personal information for a reasonable and legal purpose when necessary. We will not use the collected data for any purpose that you have not agreed to, and will not further process it.
In order to protect users' privacy, we will use encryption throughout the generation, transmission and storage of users' privacy data to ensure that users' privacy data is protected safely.
In order to ensure that our safety practices reach the highest level of quality and depth, AiDot maintains various certifications and annual audits. At the same time, a professional evaluation team is invited to supervise the process of product design, research and development, testing and release to ensure that the product strictly complies with all privacy-related agreements.
We have clearly defined the responsibilities of each department and individual in the process of data collection, use, storage, sharing, disclosure, transmission and destruction. Adopt reasonable processes to ensure the traceability of data throughout its life cycle.
Global Data Centers
As of April 2023, AiDot has a total of 4 data centers worldwide, located in Central Europe (Frankfurt), Western Europe (Ireland), Western United States (Oregon), and Eastern United States (northern Virginia).
All-round Safety Protection
As a smart Internet of Things solution provider, it is AiDot's important responsibility to protect users' equipment, services and privacy information. The company has adopted a variety of security measures to provide comprehensive security protection for users and equipment.
Data Access Controls
Data Privacy Controls
AiDot's "full stack" security philosophy employs a wide range of leading edge security measures focused on user authentication, transmission, and intrusion prevention. These security measures include:
Devices authenticated with a unique key pair
Encrypted LAN Mode communication between mobile application and device
Data encryption - HTTPS encrypted with TLS, UDP channel with AES-128 encryption
Layered access control to prevent breaches of one device compromising the whole system
Penetration tests by 3rd party vendor
Connected products and the data they generate will typically be accessed by a variety of different individuals, including friends or family, customer support teams, product operation teams, business analysts, and more. To ensure the right people have access to the appropriate data, AiDot provides a wide range of access controls. These controls include:
The role-based access (RBAC) framework and hierarchical access control mechanism are adopted to define the user-defined roles and access rights of equipment and user data (for all ODM organizations and external parties). Prevent the damage of one equipment from endangering the whole system
Secure sharing of devices among family members or guests
End-user can opt-in to share their device data with partner services, such as energy management or replenishment services
Tracking of data access for auditing and compliance purposes
Maintaining the privacy of consumer data is a growing concern world-wide. AiDot supports our customers in their commitment to enable the highest level of privacy standards for their market with a strong set of privacy tools. These include:
Role Based Access (RBAC) framework to define custom roles and access permissions for device and user data (for both the ODM organization and external parties)
Data ownership tied to registered owner of the device with role-based access for ODM staff
GDPR-ready Dashboard UI to protect access to personally identifiable information (PII)
Securing customer data and their virtualized devices from malicious attacks or theft is a major focus of the AiDot security team. We deploy a number of leading edge security measures across the various cloud infrastructure providers that our platform runs on (e.g., AWS, Azure). These measures include:
Services deployed within a VPC, with service and databases installed in different subnets
Compute instances not directly accessible from the internet and run intrusion detection systems
GFirewalls to protect services at the network level
DDoS filters and web application firewalls employed
Proof of Privacy Security
In order to ensure that the quality, security and privacy of the enterprise management and enterprise products are at the forefront of the world, AiDot has completed a series of enterprise system certification and product compliance certification.
Quality Management Systems ISO 9001
Information Security Management ISO 27001
Cloud Security ISO 27017
Cloud Privacy ISO 27018
GDPR Privacy Protection Compliant
CCPA Privacy Protection Compliant
ioXt Manufacturer Certified
TUV Rhine Security Privacy Certification
Google Mobile Application Security Assessment
Some Common Privacy Security Issues
1. When does the AiDot camera record or store my video?
When the AiDot camera device detects motion, people or abnormal behavior, it records and stores video locally. If you subscribe to our cloud storage service, your video will be safely stored in the cloud and can be deleted at any time. When your video storage exceeds your planned storage period, our server will automatically and permanently delete your video.
2. How can I access and view my recordings?
You can access, view, download and delete stored videos through the AiDot application.
3. How secure are my recordings?
We are committed to protecting your personal data security. Your video is stored locally and AES encrypted via AiDot device. You need to log in to your account using the AiDot application to view videos. If you use cloud storage, data will be encrypted and stored between the device and AWS (Amazon Web Services). In addition, your data is protected by TLS (Transport Layer Security) and SRTP (Secure Real Time Transport Protocol). AWS also encrypts the video stored in AWS to provide additional data protection.
4. Does AiDot share video recordings with third parties, such as law enforcement?
When using local storage, AiDot cannot access the user's video record. If the user chooses our cloud storage service, AiDot will not share the user's video content without the user's written consent, even if it needs to comply with effective legal orders.
5. Can AiDot team members activate and view my live stream?
No. AiDot team members cannot activate and view live streams from your AiDot devices.
Privacy and Security Issue
If you think you have found AiDot security problems in any of our services or devices, we welcome you to email firstname.lastname@example.org or submit a report to the Amazon Vulnerability Research Program by visiting https://hackerone.com/amazonvrp.
Take a more detailed look at our privacy notice by clicking here.