Skip to main content
Sanad

Trust by design

Data security and sovereignty

We treat data privacy as a fundamental right. We engineer client analytics on in-country servers, isolating client data from foreign surveillance and external legal interference.

1. Governance & access control

We engineer least-privilege access, role-based access control, and multi-factor authentication.

2. Encryption

We use TLS in transit and AES-256 at rest, with advanced privacy technologies where appropriate.

3. Pipeline hardening

We isolate networks, validate inputs, and scan software dependencies.

4. Continuous auditing

We maintain immutable event logs and use anomaly detection to identify unusual behavior.

5. Compliance & ethics

We apply retention limits and audit models for bias.

6. Data sovereignty

We design client deployments on in-country servers with an in-country team, physical security, power redundancy, access management, and alignment with Syrian Privacy Controls & Rights Law No. 12 of 2024.