Trust & Security
Last Updated: January 16, 2026
At 5E Intel, security and privacy are foundational to everything we build. This page provides an overview of our security practices, compliance measures, and data handling procedures.
1. Security Overview
1.1 Data Encryption
| In Transit | All data transmitted to and from our platform is encrypted using TLS 1.2 or higher |
|---|---|
| At Rest | Data stored in our databases and file storage is encrypted using AES-256 encryption |
| Recordings | Audio and video recordings are encrypted both in transit and at rest |
1.2 Access Controls
- Authentication: Secure password hashing using industry-standard algorithms
- Session Management: Secure session tokens with automatic expiration
- Role-Based Access: Users can only access surveys and data they own or have been explicitly granted access to
- Admin Controls: Organization administrators have granular control over team member permissions
1.3 Infrastructure Security
- Cloud Hosting: Our infrastructure is hosted on enterprise-grade cloud providers with SOC 2 Type II certification
- Network Security: Firewalls, intrusion detection, and DDoS protection
- Regular Updates: Security patches applied promptly to all systems
- Backup & Recovery: Automated backups with point-in-time recovery capability
2. Compliance
GDPR
We comply with the General Data Protection Regulation for EU/EEA users. See our Privacy Policy §11 for details on:
- Lawful basis for processing
- Data subject rights
- International data transfers
CCPA
We comply with the California Consumer Privacy Act. See our Privacy Policy §7 for:
- Right to know
- Right to delete
- Right to opt-out of sale
BIPA
We comply with the Illinois Biometric Information Privacy Act. See our Privacy Policy §8 for:
- Biometric data handling
- Consent requirements
- Retention and destruction
NYC Local Law 144
Our platform supports compliance with NYC's automated employment decision tool requirements:
- Bias audit capability
- Candidate notice requirements
- Impact ratio analysis
3. AI Transparency
Our Commitment: We believe in transparent AI. Users and respondents have the right to understand how AI is used in our platform.
3.1 What AI Evaluates
- Response Content: The substance and relevance of answers to questions
- Behavioral Patterns: Accountability, consistency, and engagement indicators
- Transcription: Converting audio/video to searchable text
- Theme Extraction: Identifying key topics and insights from responses
3.2 What AI Does NOT Evaluate
- Protected characteristics (race, gender, age, disability, religion, national origin)
- Communication style preferences (introverted vs. extroverted)
- Accent, language fluency, or speaking pace
- Normal interview nervousness or anxiety
- Cultural differences in communication norms
3.3 Human Review Rights
All respondents have the right to:
- Request human review of any automated assessment
- Receive an explanation of how AI was used in their evaluation
- Object to solely automated decision-making that significantly affects them
Contact privacy@5eintel.com to exercise these rights.
4. Data Handling
4.1 Retention Periods
| Data Type | Retention Period |
|---|---|
| Interview recordings (audio/video) | 2 years from collection |
| Interview transcripts | 2 years from collection |
| Survey responses | 3 years from collection |
| Incomplete sessions | 90 days from start date |
| Inactive accounts | 5 years after last activity |
4.2 Deletion Procedures
- User-Initiated: Delete your data anytime through account settings or by contacting privacy@5eintel.com
- Automatic: Data is automatically purged after retention periods expire
- Backup Retention: Deleted data may persist in encrypted backups for up to 90 days
4.3 Subprocessors
We use the following categories of subprocessors to provide our services:
| Category | Purpose | Data Processed |
|---|---|---|
| Cloud Infrastructure | Hosting and data storage | All platform data |
| AI Services (OpenAI) | Transcription, analysis, and AI features | Interview content, responses |
| Payment Processing (Stripe) | Subscription and billing | Payment information |
| Email Services | Transactional emails | Email addresses, names |
5. Certifications & Audits
SOC 2 Type II: Certification in progress. Contact us for current status.
While we work toward formal certifications, our security practices are designed to meet SOC 2 Trust Service Criteria:
- Security: Protection against unauthorized access
- Availability: System uptime and disaster recovery
- Processing Integrity: Accurate and complete data processing
- Confidentiality: Protection of confidential information
- Privacy: Collection, use, and disposal of personal information
6. Security Contacts
Security Inquiries
For security questions, concerns, or to request our security questionnaire:
security@5eintel.comAdditional Resources
- Privacy Policy - Complete details on data collection and use
- Terms of Service - Service agreement and usage terms
- Data Processing Addendum - For enterprise customers requiring DPAs
- Responsible Disclosure - Security vulnerability reporting