Question 1

Where is Logifit customer data hosted?

Accepted Answer

Logifit data is hosted on Amazon Web Services (AWS) ISO 27001 certified cloud infrastructure, with additional services on Google Cloud Platform (GCP) and Twilio for specific functions. Customer tenants are provisioned in the AWS region closest to the operation (for example, a Peruvian mining deployment is hosted in a LATAM region, a US fleet in a US region) to minimize latency and to keep telemetry under the customer's preferred jurisdiction for regulatory review. The current subprocessor list and hosting region for a specific tenant are listed in the Data Processing Addendum and the public Trust Center.

Question 2

How is customer data encrypted at rest and in transit?

Accepted Answer

All customer data is encrypted at rest using AES-256 on the storage layer, and all data in transit between the Logifit Mobile App, the In-Cabin DMS (ProVision AI Cam over LTE), and the Ops Platform is transmitted over TLS 1.3. Tokens used by REST APIs and webhook integrations are scoped per tenant and revocable. Video clips streamed from the ProVision AI Cam to the 24/7 call center for human review use the same TLS channel and are retained per the customer's configured retention policy. Sensitive biometric information is never stored in plaintext.

Question 3

How does Logifit comply with GDPR, Habeas Data Peru, and Ley 19.628 Chile?

Accepted Answer

Logifit operates under a Data Processing Addendum that maps to GDPR (EU/EEA), Habeas Data — Ley 29733 (Peru), Ley 19.628 (Chile), LFPDPPP (Mexico), and LGPD (Brazil). Operators give informed consent for biometric and video processing during onboarding, the platform supports the rights of access, rectification, deletion, and objection, and data is processed exclusively for the occupational health and safety purpose declared in the contract. The customer is the data controller; Logifit is the data processor. Logifit also maintains a HIPAA-ready framework for clinical health-module data when required by the customer's regulatory profile.

Question 4

What certifications and standards does Logifit hold?

Accepted Answer

Logifit is ISO 9001 certified for quality management of its operations and platform delivery. All Logifit data is hosted on AWS ISO 27001 certified infrastructure, providing enterprise-grade information security management at the cloud layer. Logifit's own information security practices are aligned to ISO 27001:2022 controls (access control, asset management, cryptography, supplier security, operational security, incident management, business continuity). Occupational health and safety practices align to ISO 45001:2018, which is one of the regulatory frameworks Logifit's own customers are audited against. Certificates and third-party assessments can be requested as part of a security review.

Question 5

Who at Logifit can access my data, and is there an audit trail?

Accepted Answer

Access to customer data is restricted by role and by tenant. Logifit personnel access is limited to defined operational, support, and 24/7 call-center roles, granted on a least-privilege basis and revoked on role change or offboarding. Every administrative action on a tenant is logged with user, timestamp, and target object, producing an audit trail that is exportable for customer review. Third-party subprocessors (AWS for hosting, GCP for specific services, Twilio for communications) are listed in the Data Processing Addendum and the public Trust Center, and are required to meet equivalent security commitments.

Security & Compliance Documentation

Compliances

ISO 9001:2015

ISO 27001

HIPAA

GDPR

Resources

Subprocessors

Amazon Web Services (AWS)

Amazon Web Services (AWS)

Google Cloud Platform

Google Cloud Platform

Twilio

Twilio

Need more details?