CAREAR SECURITY AND TRUST CENTER

CareAR Security

Trust forms the foundation of our company, deeply ingrained within our culture, technology, and unwavering commitment to customer success

How We Protect Your Personal Data

As of CareAR Assist version 21.04 and later, the administrative portal allows for configuring the regions in which the media (video and audio) can be transmitted as follows:

Global
Asia
Europe
India
Japan
North America

For example, if you would like to restrict the video and audio to stay within Europe, this setting enables you to geo-fence the audio and video to be transmitted within Europe only.

We apply appropriate physical, technical, administrative and organizational measures to our processing of personal data that is commensurate with the sensitivity and risk associated with the types of personal data involved. Personal data is encrypted while at rest. Our database servers, to which personal data is securely transferred, are currently hosted by Google Cloud Platform (GCP) in the U.S. GCP’s cloud platform security is described here: https://cloud.google.com/security

Data Sovereignty

Data sovereignty deals with the physical storage of user and usage data within the confines of a physical geographic area.

CareAR provides architectural support for data sovereignty. More specifically, the location of the customer’s permanent storage of data containing Personally Identifiable Information (PII), excluding the user’s email address, related to users and to usage information may be designated to be one of the following regions:

United States (Assist, Instruct)
Germany (Assist, Instruct)
Canada (Assist, Instruct)
Japan (Assist, Instruct ¹)

¹ Instruct content using advanced AI services such as Intelligent Search and our Beta release of Visual Verification use the AI platform hosted in the Japan data sovereignty region. Therefore, when AI platform-based functions are needed, the data will be hosted in Japan.

User Mapping and Authentication

With our support for data sovereignty, as part of the user’s initial login sequence, we query our location database to determine which region the user is assigned to. The location database entry is

the user’s email address and
the region the user’s tenant is bound. If unspecified, the default location is the US.

Once the region for the tenant is determined, all subsequent interactions by the user (while logged in) are directed to the service logic executing in that region. Today the authentication of the user is performed using a global authentication service.

Customers requesting their tenant be implemented in Canada, Germany, or Japan will need to contact the CareAR Technical Support operations team for assistance.

In addition, SSO could be leveraged to authenticate against your identify provider.