Introduction

Building customer trust is a top priority at eva conversational AI NTT Data cloud platform (“eva”). For this reason, we understand the responsibility that we have when you, our customers, entrust us with a significant variety and amount of sensitive data.

We take security seriously — from continuously fixing vulnerabilities and improving our security policies, to enabling you to do just the same by providing various security features in our product. For this reason, we implement and maintain technical and organizational security measures around the eva.

The Security Measures include administrative, technical, and physical safeguards to ensure a level of security aligned with the criticality of eva and its role in our clients’ business. The final objective is to provide a complete security and privacy program that considers security in the whole lifecycle of eva.

This eva security policy describes these security measures. These measures may be updated by the eva team periodically during the Term of the Agreement to consider advancements in available security technologies, or new laws and regulations. However, NTT Data will not materially decrease the overall security of the Services during the Term of the Agreement.

This security policy complements the eva Master Agreement Subscription. In case of a conflict between this policy and the master agreement, the Master Agreement shall prevail.

The security and vulnerability detection measures executed during the eva development and maintenance process cover the entire lifecycle of the eva cloud platform.

Security improvements for eva are deployed inside the product updates. Security improvement in cloud services is implemented by the eva cloud operation team.

In addition, components that are part of the solution are updated following a patching cycle. These updates are duly approved before deploying in production.

Here, we explain security controls and assessments applied to the eva cloud platform.

As with any cloud service, the provider, and customers share responsibility for securely using the service. eva cloud has been designed with strong security defaults in mind so that the burden of securely using the service is minimized for the customer.