Security & compliance
Encryption, GDPR, ISO 27001 and how data is stored, retained and protected.
Encryption, GDPR, ISO 27001 and how data is stored, retained and protected.
Glossary
- Encryption Encryption is the protection of data in transit and at rest using industry-standard cryptographic protocols, applied to every byte of analytics that moves between the APU, the cloud and the dashboard.
- GDPR GDPR is the General Data Protection Regulation — the UK GDPR and EU GDPR frameworks that govern how organisations process personal data about individuals in the UK and EU.
- ISO 27001 ISO 27001 is the international standard for information-security management systems (ISMS), specifying how an organisation should manage the confidentiality, integrity and availability of information.
Questions
- Is the data in real time? Yes — Aura Vision ingests data live and reports it in 15-minute intervals on the dashboard, so trends and live occupancy are visible within minutes of the actual visit.
- Is the data secure and compliant with GDPR? Yes. Please refer to our privacy by design document for more information.
- How long is historical data retained? We retain the analytics data for the duration of the contract, and this includes 15-minute granularity across all metrics.
- What Information Security Standards do you follow? Aura Vision's Information Security Management System is built around ISO 27001 principles, with privacy controls aligned to UK GDPR and EU GDPR (verified by Mishcon de Reya) and operational practices that match SOC 2-style controls.
- Are you ISO 27001 certified? Aura Vision follows ISO 27001 procedures and principles across development, operations and information security management. Formal certification is on our roadmap.
- Does Aura Vision store the CCTV footage? We never store or recall raw CCTV footage.
- Who has access to the anonymised audit videos? Only authorised Aura Vision operations team members with explicit permission and relevant training have access to the resources.
- Is de-blurring of the faces possible? No, de-blurring is not possible. All processed footage is irreversibly blurred using one-way processing, and the original raw footage is immediately deleted.
- Does it use facial recognition? No. Aura Vision never identifies individuals and never stores biometric data. Faces are blurred at source on the APU before any image leaves the device.