ThinkData Works is committed to meeting the highest standards of security and compliance in the industry to keep your data safe and secure.
ThinkData Works is SOC 2 and Cyber Essentials certified, so you can trust that our team has the best policies and services in place for your security and protection.Read more
Our terms of service can be reviewed in full here.
ThinkData Works has zero tolerance for corrupt activities of any kind. Bribes or other improper or unauthorized payments, or acts that create the appearance of promising, offering, giving or authorizing such payments, are prohibited by this Policy. A full copy of the anti-bribery and corruption policy is available upon request.
ThinkData Works has a code of ethics policy predicated on four principles of integrity, inclusivity, respect, and empathy. Our code of conduct is available upon request, and our modern slavery statement can be found here.
ThinkData Works updates platform components regularly without disruption to performance. Application upgrades can be handled automatically if under SaaS. Updates are available every 2 weeks, but customers may determine how often they would like their environment to be updated. Upgrade scripts are provided if a customer chooses to deploy the ThinkData Works technology on-premises.
The platform undergoes rigorous automated and manual QA in a test environment prior to the release of a new version.
ThinkData's public platform is multi-tenant, meaning that all organization accounts share the same database. Private deployments are separate and sequestered cloud infrastructure projects. Access for ThinkData employees follows different access request procedures, as determined by the deployment administrators.
ThinkData Works has three solutions for maintaining the quality of an organization's secure environment. The platform supports IP whitelisting for a private deployment, and can create a VPN tunnel for additional security. Lastly, ThinkData Works can deploy the platform on an organization's isolated infrastructure entirely.
Multi-factor authentication is available for all user accounts. User accounts can be enabled with multi-factor authentication and multi-factor authentications can be set as a requirement for an entire organization.
ThinkData Works supports SSO using ActiveDirectory, SAML or OAuth.
No. ThinkData sources information from government-maintained open data portals and public sources. Use restrictions and licensing are maintained across all environments. ThinkData's partnership network includes organizations that are legally entitled to manage and maintain their subjects' personal information. This data is not provided by ThinkData Works.
We support access auditing for compliance and governance. Activity and access logs can be captured in both public and private environments and exposed to the customer. Logs may be directed to the customer log system or exported on request.
ThinkData Works does not sell or license your data. Users may at any time request that ThinkData Works erase and permanently destroy any information the company holds about the user, and ThinkData Works can execute such requests with consideration to and in compliance with regional regulations.
ThinkData's public platform is SOC 2 certified, and as such maintains extremely rigid security concerns that are completely separate from one organization to another.
The ThinkData Works platform provides SSL connections on the user interface and API to ensure that traffic is encrypted in transit. SSL is a required parameter and cookies are configured to only be transmitted over a secure connection to end users. The platform also supports accessing secure data source types such as SFTP, FTP, Google Cloud Platform, and Amazon S3 with SSL.
The platform currently supports: separated values files (CSV, TSV, etc.); fixed-width files (FWF); spreadsheet files (XLS, XLSX); object and mark-up files (JSON, XML, GML, etc.); and geometry files (GeoJSON, SHP) among others. With ZIP files, the platform has the ability to parse and select specific files within an archive.
This automated file type handling ensures that the data undergoes the fewest possible transformations with as little human intervention as possible. Where human intervention is preferred, the ingestion service supports a rich configuration language.
ThinkData maintains an incident management policy that will notify platform users of any cybersecurity or privacy breaches. Clients will be notified and a full incident report will be shared following the incident. ThinkData Works has thorough documentation on incident management including clear RACI assignments for Engineering, Security, F&BO, Talent & Culture, and Executive staff.
The ThinkData platform's access controls comply with standard policies and procedures that address: onboarding; offboarding; transitions between roles; regular access reviews; limiting and controlling the use of administrator privileges; and activity timeouts. The platform supports a mechanism to view which users have access to what features and datasets to facilitate regular access reviews.
All data processing is located in Canada for SaaS or managed cloud operations. ThinkData supports geographic redundancies and disaster recovery. Platform access is secured with TLS. Data will remain in Canada if set up on Canadian data centres.