Our Commitment to Data Protection

AMS Platform is built with data protection at its core. We follow the principles of data minimization, purpose limitation, and transparency in all data processing activities.

Encryption & Security

🔒

AES-256

Encryption at rest

🛡️

TLS 1.3

Encryption in transit

🔐

SOC 2 Type II

In progress

Pakistan Data Residency

All data is stored in Pakistan by default, complying with SBP and SECP data localization requirements. Enterprise clients may choose on-premise deployment for additional control.

GDPR Compliance

For international users, we comply with GDPR requirements including:

Right to access, rectification, and erasure
Data portability in machine-readable formats
Explicit consent for data processing
Data processing agreements with all sub-processors
72-hour breach notification

UK Data Protection Act 2018

For GBSHA and UK-based users, we comply with UK GDPR and the Data Protection Act 2018, including standard contractual clauses for international data transfers.

Hong Kong PDPO Compliance

For HISHA and Hong Kong-based users, we comply with the Personal Data (Privacy) Ordinance (PDPO), including data access requests and the six data protection principles.

Regular Audits

We conduct quarterly penetration tests, annual security audits, and continuous monitoring. Our security team monitors threats 24/7 with automated incident response.

Breach Response

In the event of a data breach, we notify affected users within 72 hours as required by GDPR, and immediately via email, SMS, and in-app notification.

Contact

Data Protection Officer: dpo@amsplatform.com