Security & Compliance

How we protect your inspection data and align with industry standards

Security Practices

Encryption

TLS 1.3 for all data in transit
AES-256 encryption for data at rest
Encrypted database connections
Secure file storage with signed URLs

Access Control

Role-based access control (RBAC)
OAuth 2.0 authentication
Session management with secure cookies
API key authentication for integrations

Infrastructure

Cloud-hosted with redundancy
Automated backups
DDoS protection
Regular security patches and updates

Audit & Monitoring

Full audit trail for all actions
Real-time monitoring and alerting
Incident response procedures
Regular security assessments

Compliance Alignments

Standard / Regulation	Description	Status
KSA-PDPL	Saudi Arabia Personal Data Protection Law — aligned with data handling, consent, and residency requirements.	Aligned
GDPR	EU General Data Protection Regulation — aligned with data processing, consent, and right to erasure requirements.	Aligned
ASME Standards	Inspection workflows and checklists are designed to support ASME code requirements. Not ASME certified.	Standards-Aligned
API Standards	Workflows support API inspection standards and recommended practices. Not API certified.	Standards-Aligned
AWS D1.1	Welding inspection workflows support AWS D1.1 structural welding code requirements.	Standards-Aligned
OSHA	Safety/HSE workflows support OSHA compliance documentation and reporting.	Standards-Aligned

Transparency Note

InspectorScan is aligned with the standards listed above — meaning our workflows, checklists, and data structures are designed to support compliance with these standards. We do not claim certification from ASME, API, AWS, or any standards body. Certification status depends on your organization's own audit and compliance processes. For data privacy, we are aligned with KSA-PDPL and GDPR requirements but recommend consulting your legal team for specific compliance obligations.