Ensure personal data protection

Personal data protection | Smartcat Help Center What is GDPR? On May 25, 2018, the General Data Protection Regulation, abbreviated as the GDPR, has come into force. The law has established general rules regarding data protection in the European Union for international companies that process personal data of EU citizens. The main goal of the law is to give users the opportunity to learn about their data, which is stored by the company, and if the user wants to, manage it. GDPR & Smartcat Smartcat is very serious about storing the personal data of its customers, and protecting this information. In fact, we’ve always been, and after the enactment of the new law, that didn’t change. User data Storage We have updated our Terms of Use and published the Privacy Policy. The new version of the Terms of Use describes in more detail and with improved clarity what user data we store, for what purposes, and how we guarantee security. Management You can still control the visibility of your profile to search engines and within Smartcat’s Marketplace. If you decide to stop using Smartcat, we will, at your request, delete your account and all associated information, including files and projects. You may delete the personal data you’ve added to your freelancer profile or corporate profile, such as your name, photo and phone number, by yourself at any time. Protection Smartcat employees who have access to your data are thoroughly checked by our security team and can only use your data as part of their work. In addition, access is limited by authorization procedures and infrastructure, which does not allow employees with insufficient rights to access information. Your data is stored in data centers with the strongest, strictest security level, Tier IV. This is a much higher level of protection than conventional office servers provide (Learn more about Smartcat security measures ). Privacy We do not share any user information we have with third parties. Your data is stored on one of three servers located in Europe, the US or Asia and does not go outside of them. When you sign up with Smartcat, your information will go to one of the three servers, depending on the region in which you are located. Smartcat’s partners In the terminology of the GDPR, Smartcat is a “data controller”, because we collect and use information about our users. We carefully select partners to help process our payment orders, and enter into agreements with them that detail points concerning the safety of user data. Smartcat does not store your bank card details; they are stored on our payment partner’s side, which has all the necessary infrastructure to ensure the safe storage of this type of information, which is confirmed by the availability of a PCI DSS certificate. Any new solutions we design will take into account the new requirements for data security. At the same time, we are looking for the latest solutions in the field of data protection, and will apply them to our processes, infrastructure solutions and partner selection.

Why Smartcat is safe to use

Safety measures for translations | Smartcat Help Center At Smartcat, we are aware that linguistic resources are the core asset for translation businesses. This is why we use the most advanced technologies and practices to keep your data secure and prevent unauthorized access into your account. We don’t display, transfer or share your data with anyone unlike some other companies do. Secure cloud storage By accommodating your data in the cloud, you can be sure of its safety. Intruders wouldn’t be able to access it in the case that your computer is stolen or exposed to a virus. Even if your computer is broken, all of your data will be safe and available for you. Your data is exclusively yours We considered any improper manipulation of user data and guarantee complete confidentiality. Your data is secure in your account, and belongs fully and only to you. You control access to your data All accounts in the system are isolated, so users of one account cannot access the information in another. This means that all linguistic resources are only available to you and the users that you authorize. Your data is hosted in top-level data centers The data centers, in which your data is stored, have the strictest level of security (Tier IV) and are located in geographically diverse locations, ensuring much higher protection compared to simply using your own office servers. The data centers are SOC-1, SOC-2, and SOC-3 compliant, and staffed and monitored 24/7. Your payments are protected We don’t store your payment data; all payments are executed by our payment partners, each of them holding a certified status with Visa’s Global Compliant Provider and Mastercard’s SDP. Translator information is not visible to external users Yet we reserve the translators’ right to register on the platform as freelancers with a public profile and to use such accounts for personal purposes. Here’s some more information for our tech-savvy users: Your data is encrypted Smartcat uses an HTTPS/TLS protocol to protect data in transit between your computer and our servers, and a 256-bit Advanced Encryption Standard (AES) to protect data at rest. For transmitting payment data, we use a TLS 1.2 protocol and RSA algorithm with a 2048-bit key. Database backup Your data is continuously backed up on the database level and is replicated in real time to a Smartcat backup data center. This guarantees we can recover from a complete site failure in our main data center. All infrastructure can be automatically set up in minutes, if needed. Centralized user access You can instantly limit access to your account using our centralized user access control. Flexible assignment of access rights This allows you to authorize at different levels – down to a single document or linguistic resource. Internal security policy Smartcat employees are prohibited from unauthorized access to client data. We offer both private cloud-based and standalone enterprise solutions for any corporate customers with specific data security policies.

Manage users via Single Sign-On (SSO)

User management via Single Sign-On (SSO) | Smartcat Help Center Smartcat provides Corporate customers with the ability to manage their users via their company’s Single Sign-On (SSO) provider. SSO is an authentication process that allows users to log in to multiple applications and services with a single set of credentials, irrespective of the platform, technology, or domain used. The advantages of SSO are manifold, the most valuable being: Secure handling of multiple accounts and related user dataImproved security capabilities, especially if combined with multi-factor authenticationStreamlined user experience: the elimination of repeated logins increases employee satisfaction and productivityAbility to ensure that corporate compliance rules are being followed Smartcat supports four major authentication systems: ADFS, Azure AD, Okta, and DUO. If your company uses one of these systems, please provide the following information to our support team and we will configure your SSO connection: The name and software version of your SSO technology or provider, including software versions. For example: Azure AD or ADFS 4.0 on MS server 2016.The public URL of your OAuth 2.0 or the ADFS server endpoint. Indicate also clientId and clientSecret, if applicable.What Web domain should email addresses originate from, so that they are redirected to your SSO provider. In our turn, we will provide callback URLs to be added on your server/provider side to return Smartcat requests. When SSO is configured and connected, users from the specified Web domain will be immediately redirected to your login URL instead of accessing the Smartcat login form.

Ensure your accounts security

Account security | Smartcat Help Center When you enter your credit card information in Smartcat, the data is not actually sent to us but goes directly to servers of our payment service partners. All our payment partners are PCI DSS certified. Such a certificate means that the company’s security systems have passed specific individual tests. PCI DSS-certified companies have organizational and technical security policies: data is stored in encrypted form, data access is limited, and registration logs are kept safely. Data encryption Your password and personal data are not available to third parties. Access to Smartcat is carried out over a secure connection encrypted over HTTPS/TLS protocols. Your data gets transmitted to our servers by a 256-bit encrypted SSL connection. We use TLS 1.2 encryption to protect payment data at the transport level while using 2048-bit RSA keys at the application level. How do I protect my account? Never share your bank card details, such as a PIN, CVV, or CVV2 with anyone.Never give your Smartcat account password to anyone and consider changing it regularly.Make sure that you receive email notifications about money transfers to your Smartcat account, as well as payouts via your preferred method.Enable SMS alerts for transactions and other activities on your bank account. I’m still hesitant about giving my payment info to Smartcat. How do I get my earnings? Issue a separate physical or virtual bank card and use it solely for receiving payments from Smartcat. Many banks offer virtual cards, which can be used for online payments, just like an ordinary plastic card would. FAQ I have received a request for personal information from the support team. Why am I required to do this if I have provided my details? Any bank or payment provider is responsible for ensuring that its customers act within the law and do not use financial institutions for illegal activities such as fraud, money laundering, or tax evasion. To accomplish it, any regulated financial institution conducts routine checks by requesting additional information on selected payments. Additional information may include clarification of the recipient's full name, address, date of birth, citizenship, proof of residence, etc.If you receive a notification from our support team that a confirmation of your identity or other additional information is required, this means that your payment is currently being verified by our payment system. Please don’t worry, these are standard regular compliance checks. Provide us with the necessary information and we will do our best to ensure that you receive your payment as soon as possible.Please note that requests from the platform can be only sent from an email address in the @smartcat.ai or @smartcat.com domain. Do not share your details upon request from an undefined email address.