Security, Privacy, and Compliance

At Fero, we are dedicated to upholding the highest standards of security, privacy, and compliance for customer data. To this end, we have developed and implemented a comprehensive set of policies, procedures, and controls to ensure the appropriate confidentiality, integrity, and availability of your data.

Dedicated Security, Legal, and Compliance Teams

We have dedicated security, privacy, and compliance teams that implement and manage our security and privacy programs. They engineer and maintain our defense systems, develop review processes for security, and constantly monitor our networks to detect suspicious activity. They also provide domain-specific consulting services and guidance to our engineering teams.

We perform periodic internal audits and assessments by accredited third parties.

Further, Fero appoints an Information Security Manager and implements personal data handling policies, including data processing, retention, and disposal policies in line with the ISMS. If you have any questions related to Fero’s privacy policy, privacy practices, and ISMS compliance, please contact our Information Security Manager at infosec@fero.ai.

Data Protection Measures

We maintain appropriate technical and organizational measures, internal controls, and information security routines following the best industry practice to protect your data against accidental loss, destruction, alteration, unauthorized disclosure, or access.

ISO 27001 Certification

Fero is certified and accredited by a third-party privacy organization and holds ISO/IEC 27001:2013. In line with this certification, Fero developed and implemented a comprehensive set of policies, procedures, and technologies to ensure appropriate confidentiality, integrity, and availability of your data.

Data Processing and Transfers

Data collected from you may be transferred to and stored and processed in the North UAE. Another option is possible as a commercial option. See the Data Date Center Location below for specification and possibility to deploy India, EU and US locations.

Vendor/Supplier Ecosystem

We evaluate and qualify each of our vendors based on our Supplier Management Policy. We onboard new vendors only after a rigorous risk assessment. We take appropriate steps to ensure our security stance is maintained by establishing agreements that require the vendors to adhere to confidentiality, availability, and integrity commitments we have made to our customers.

Data Center Locations

We store customer data primarily on servers provided by Azure Cloud. Azure maintains the highest security standards and has a range of certifications. More information on Azure Cloud security can be found here.