Skip to main content

Data Protection & Information Security Ensuring best practices

At HAWK:AI, we go beyond the necessary standards and implement industry best practices to proactively prevent harm.

Keyvisual Techcloud
Information Security

Security Features

We employ a holistic approach to practical Information Security, meaning every part of the organization participates through technical controls, processes, and awareness. The system was built with a strong focus on security from day zero.

Icon centered Trust

Mission Statement 

HAWK:AI bears an extraordinary responsibility for our client’s data and the flawless, reliable operation of the critical service we provide to them. Security is a matter of Trust, our clients' Trust.

Icon centered Security Awareness

Security Awareness

This starts with hiring people with a security mindset and includes background checks, regular trainings of all employees, and constant reminders of security threats. Security is at the forefront of our daily work.

Icon centered ISMS

Security Management

We have built and are maintaining an Information Security Management System (ISMS) in line with ISO 27001 requirements to proactively manage risks and review our controls via internal and external audits.

Icon centered Security Testing

Security Testing

We constantly challenge ourselves to improve. This includes regular internal and external testing with vulnerability scans, penetration testing, and testing the implementation of all internal policies.

Icon centered Code Review

Secure Coding Practices

Security is embedded in all stages of software development, including four-eye review of every piece of code and code change, OWASP Training, automated security tests, code scanning, end2end tests, and more. We apply these practices to all our code - from Backend, Frontend, and Data Science to Infrastructure Code.  

Icon centered Alerting

Extensive Monitoring

Our 24/7 monitoring operations provide extensive security coverage of our cloud services, from the component and hardware level to code. Monitoring and alerting are focused on both availability and security aspects, which enable prompt and effective responses from our team of on-duty experts.

Icon centered Threat detection

Threat Detection 

We apply state-of-the-art machine learning-supported technology to detect and alert us to intrusions, as well as abnormal or potentially malicious behavior in our environments. This enables our 24/7 on-duty personnel to provide all necessary information and respond in a timely manner.

Icon centered Certified

Certified Practices 

HAWK:AI follows industry best practices to proactively manage information security risks. We review the effectiveness of our technical and organizational practices on a regular, ongoing basis. HAWK:AI is ISO 27001 certified.

Download the certificate here. 

Data Protection

Data Protection Features

Data protection is one of our core principles at HAWK:AI. We truly respect our and our clients’ data. As we are based in Europe, we are fully compliant with the General Data Protection Regulation (GDPR). These rights will apply to all our customers, regardless of where they are.

Icon centered Identity Management

Access Management

Our access management policies follow the “principle of least privilege.” Our primary method of assigning and maintaining consistent access controls and rights is Role-Based Access Control (RBAC). This includes, but is not limited to, Multi-Factor Authentication (MFA), system access protected via VPNs, strict password policy, and Single-Sign-On (SSO).

Icon centered Data policy

Respecting Client Data

All GDPR-relevant Personal Identifiable Information (PII) data gets tokenized, stored separately, and encrypted from other data. PII data elements do not allow tracing or matching to individuals. Access to the data necessary for investigation is secured with a roles and rights system, is logged with an audit trail, and is only granted on an individual case-by-case basis.

Icon centered Firewalls


All of our systems are protected by sensitive Web Application Firewalls (WAF). These firewalls enable fine-tuned incoming and outgoing traffic management. We utilize Distributed Denial of Service (DDoS) mitigation measures and network intrusion detection software to monitor for malicious activity, providing additional security controls for our network stack.

Icon centered Data encryption

Data Encryption

All data is encrypted both in transit and at rest, resulting in the robust protection of client data. We use Advanced Encryption Standard (AES) on all information systems to ensure effective encryption. We have deployed HashiCorp Vault to store secrets and manage the key rotation for Personally Identifiable Information in line with GDPR requirements.

Icon centered Certified

Certified Practices

HAWK:AI follows industry best practices to proactively protect client data. We review the effectiveness of our technical and organizational practices on a regular, ongoing basis. HAWK:AI is GDPR certified.

Download the certificate here.

Learn more about HAWK:AI


Hawk:AI Solutions

Our Solutions

Teaser AML Tx Monitoring

Transaction Monitoring

Monitor any transaction for red flags using a comprehensive set of rules in combination with Behavioral Analytics.

Teaser Customer Screening

Customer Screening

Screen customers against Sanctions, PEP, watchlists, and adverse media during onboarding and thereafter.

Teaser Customer Risk Rating

Customer Risk Rating

Dynamically score customer risk using internal and external data. Add behavioral analytics for richer context.

Teaser Payment Screening

Payment Screening

Screen counterparties against Sanctions and Country lists in real-time. Cleanse data and tune name-matching.