How does Weglot manage security and privacy?
In this article, you will find more information about Weglot's security in general.
1. SOC 2 Type 2 certification
2. Security in general
3. Frequently asked questions
First of all, if you're interested in GDPR, you can find more information about our GDPR Compliance on our Privacy Policy page: https://weglot.com/privacy/
1. SOC 2 Type 2
In 2022, Weglot has been certified as SOC 2 Type 2.
SOC 2 compliance is a voluntary industry standard that specifies how organizations should manage customer data.
The standard is based on 5 criteria:
- Security
- Availability
- Processing Integrity
- Confidentiality
- Privacy
The first stage of SOC 2 compliance is SOC 2 Type 1. It certifies that customers' information is handled securely and responsibly.
The second stage of SOC 2 compliance is SOC Type 2. It verifies that all the policies and processes listed in SOC 2 Type 1 are in continuous use and approves that the controls Weglot has in place are working correctly to protect sensitive data.
You can find further information on this topic in our blog post about SOC 2 Type 2.
2. Weglot translations and integrations
All the content you are translating with Weglot is kept in your Translation List.
If you use Weglot to translate internal data, conversations, or any confidential content, these contents will therefore be translated and stocked in your Translation List. Your other team members and our Support Team will have access to these translations.
You can exclude this content to prevent Weglot from translating them.
You will find all the information you need to apply exclusions in our documentation:
> How to exclude URLs/blocks/words from translation?
Regarding your public API key, Weglot's Support Team has the possibility to Whitelist the domains that you want to authorize using your API key. You will need to contact our Support Team to do so.
3. Frequently Asked Questions
Weglot can arrange such an agreement in the Enterprise package which guarantees a Data Protection Agreement between your company and Weglot.
You can find more information in our documentation: Can Weglot provide a DPA?
Can I report a security vulnerability?
You have indeed the possibility to report a potential security vulnerability.
If you believe you have found a security vulnerability in one of our products or platforms, we invite you to read our Responsible Disclosure Policy and then take action.
Where can I find your Privacy Policy or your Cookie Policy?
You can find this information about it on our Privacy Policy page.
Can my visitors know that I am using Weglot?
Your visitors can indeed know that you are using Weglot.
They have access to your page's source code with the inspector of their browser. They can find for example the HTML code of our switcher.
There are also calls to your Weglot Project that can be seen within the inspector on your translated versions.
If you have created DNS records for Weglot subdomain integration, it can be seen using public tools such as DNS Checker.