As part of Ango Hub's commitment to data privacy and security, we provide our users with control over their personal data. This document outlines how users can access, copy, update, or delete their personal data within Ango, as well as our data storage practices and configurations.

Personal Data Management

User Rights

Individuals have the right to request access to, obtain a copy, delete, and update their personal data held by Ango Hub.

Data Types

Ango Hub uses/produces two types of data:

• Raw Data: Client data that is annotated within the Ango Hub Cloud Platform

• Annotation Metadata: Annotation results that are generated by Ango Hub services.

Data Storage

Cloud Storage for Raw Data

• Ango utilizes cloud storage services, which are stored in the EU (Germany) or the United States based on client selection.

• We might employ a Content Delivery Network (CDN) for optimal load times, based on user location.

Data Storage Configurations

Users have multiple options for how their data is stored with Ango Hub:

1. IAM Delegated Access

This method allows users to host their labeling assets in their preferred cloud storage (AWS S3, GCP) with controlled access via IAM roles and policies. All data is accessed through signed keys and data never accessed from Ango Hub backend services.

2. Direct Upload

Directly uploading data to Ango means it is stored on our private AWS S3 buckets. All data accessed through signed keys.

Security Measures

• Ango ensures all data is encrypted at rest and in transit.

• We use industry-standard encryption protocols to protect user data.

Cloud Storage for Raw Data

• Ango uses MongoDB Atlas as primary database and annotation results are stored in the MongoDB Atlas platform.

• All annotation data is kept encrypted within the enclosed network (VPC), only accessible by Ango Hub.

Usage and Portability

• Ango Hub does not sell any personal data.

• Client data can only be accessed by service providers such as MongoDb Atlas & AWS S3.

• Upon request, Ango can export user data and permanently delete it from our servers.

Security

• Data hosted by Ango is encrypted using robust encryption methods.

• Regular security tests and penetrating tests are performed by third party providers on Ango Hub. Those reports can be shared with clients on a request.

Regulatory Compliance

• Ango is dedicated to protecting personal data and adheres to various privacy and security laws and regulations, including but not limited to CCPA, GDPR, and others relevant to our operations.

Customer Data Protection

In Ango Hub, we treat all customer data with the highest level of confidentiality. Our application is designed to ensure that customer data is accessible only to authorized users. This is achieved through robust encryption both at rest and in transit, comprehensive access control management, and continuous monitoring.

Data Encryption and Security

Encryption at Rest

• Customer data, including labeled data hosted by Ango Hub, is encrypted at rest using AES-256 encryption with keys managed by AWS.

• Customer data metadata, and private user information hosted by AngoHub, is encrypted at rest using AES-256 encryption with keys managed by MongoDB Atlas.

User Authentication

• Ango Hub employs legacy authentication (where passwords are stored in the Ango Hub databases after hashing and salt is applied). Another option uses Google SSO which uses SAML 2.0 for authentication.

Encryption in Transit

• Data is encrypted via Transport Layer Security (TLSv1.2 or higher) when in transit between customers and AngoHub servers.

• Within AngoHub's internal network, data transmission is secured over enclosed networks (VPC) in protected channels like HTTPS.

Data Hosting Options

• Customers can choose to host their assets. Options include direct uploads to Ango Hub or using their own cloud platforms with delegated access.

Access Control and Monitoring

• All access to environments within our cloud infrastructure is logged for continuous monitoring and security purposes.

Commitment to Security

Ango Hub is committed to applying the best security practices in the industry to protect customer data. Our team is continuously enhancing our security measures to address evolving threats and maintain the highest standards of data protection. Regular security and penetration tests are run on Ango Hub by internal & 3rd party firms.