Skip to main content
All CollectionsSecurity & privacy
How Wobby protects your data
How Wobby protects your data

Some resources to help you understand how Articles can be used

Updated over 2 months ago

This is an introduction to how Wobby handles and protects customer data.

Key Security Considerations

When it comes to data security, Wobby focuses on three key aspects:

  • Security by Design

  • Technical Security

  • Operational Security

These principles are contractually guaranteed to our customers through relevant agreements and Data Processing Agreements (DPA). Additionally, we are in the process of implementing our ISO 27001:2022 certification to further strengthen our commitment to information security.

Security by Design

At Wobby, we believe that the foundation of security is built during the development of our platform. Early architectural decisions play a key role in ensuring only the necessary data is processed and that it’s handled securely. For example, we design the platform so that data in transit and at rest is encrypted using the latest technologies, without compromising performance.

Our engineering team consists of experienced software architects and developers who are continuously trained in the latest security practices.

Because of this, Wobby was built with security and data protection as top priorities. The platform uses a state-of-the-art cloud architecture, following practices like least privilege access, logical separation, and infrastructure as code.

Importantly, Wobby primarily uses metadata rather than full data, so our AI systems don’t need to store or access complete copies of customer data.

Technical Security

No software works without data, so it’s critical to implement strong security measures to protect the data used. As mentioned, Wobby minimizes the data required to operate effectively.

Here are some of the technical security measures we use:

  • Encryption of data in transit and at rest using the latest TLS and AES encryption technologies

  • Data integrity checks using signatures and hashes

  • Regular system and software updates

  • Firewalls and virus scanning

  • Internal virtual networks

  • Pseudonymization where possible

  • Separation between production and development environments

  • Separation of storage and processing systems

  • Tenant data separation

  • Logging and audit trails

As part of our ongoing commitment to security, we are also actively working on obtaining the ISO 27001:2022 certification, which ensures that our information security management system (ISMS) aligns with global standards.

This is not an exhaustive list, but it highlights key practices. For detailed information, please refer to the Data Processing Agreement.

Operational Security

In addition to technical measures, Wobby applies various operational security procedures to ensure customer data is protected at all times, including:

  • Physical and virtual access controls

  • Strict access and account management protocols

  • Device management

  • Non-disclosure agreements with employees and subcontractors

  • Regular security training for staff

  • Logging and audit trails

Our goal is to maintain high security standards throughout the entire data lifecycle, further supported by our pursuit of ISO 27001:2022 certification, which formalizes our approach to information security management.

Did this answer your question?