Secure by design
Limitless is compliant with the General Data Protection Regulation (GDPR), a regulation in EU law on data protection and privacy in the EU and the European Economic Area.
Limitless is ISO27001 and ISO27701 certified. ISO 27000 is a collection of standards designed to provide guidance to organizations looking to implement strong cybersecurity.
Limitless has an Information Security Management System (ISMS) and has certified with Alcumus, which is an accredited certification body.
Limitless uses multi-factor authentication to ensure that Experts on the system are who they say they are.
We use sophisticated content filters to find and redact any unintentional data that may have been shared. When data is shared, it goes through a multi-step process, where we control the duration and mechanisms of how the data is stored, and encrypt the data end-to-end.
Our customer PII data process
- Customer PII is always AES-256 encrypted.
- Customer PII data is only held for the duration of the conversation lifecycle, limiting the risk of unauthorized exposure.
- Only customer PII required to answer the specific customer inquiry can be requested and stored. All other PII is redacted, where applicable.
- Only Experts who have passed identification and verification checks and have completed specific learning are eligible to request and view customer PII.
- Customer PII is protected by role and specific security policy, meaning only those that need to know can know.
- Multi-factor authentication is required to access our GigCX platform.
- Limitless holds ISO27701 certification, a standard specifically designed around data privacy best practice.