When developing GoSpeech, data security, including the possibility of on-premises installation, has a very high priority. That's why GoSpeech is only hosted in German data centers with ISO 9001 and ISO 27001 certification to ensure optimal data security. Thanks to several server locations in Germany, maximum availability is also offered, so that GoSpeech is accessible at any time.
Comprehensive security policies ensure user data remains private and secure in the cloud. In order to protect sensitive user data, it is transmitted in encrypted form. We use end-to-end encryption for this. Communication between the client applications and the GoSpeech platform is via HTTPS using TLS with an AES 256-bit encryption algorithm. The communication of individual containers within our server, which can only be accessed via encrypted connections, is also encrypted with a self-signed certificate.
Signing into the GoSpeech account is done through an OAUTH2 authorization code flow using PKCE. Each registration receives a personal access token, which contains the rights and user-defined areas in GoSpeech.
Audio, video and text data are only used to provide the purchased service. They are also used to optimize speech recognition for individual user profiles. The speech recognition software only receives the data for training the software that is used in the form of a user-defined dictionary and those words that are submitted to us via the "Alternative spelling" function.
No voice profiles (biometric data) are used. Neither the user profiles nor the audio, video and text files are used to train the basic language model (e.g. to train neural networks or similar).
After completion of the contract, the data will initially be stored for the duration of the warranty period, then taking into account statutory retention periods, in particular tax and commercial law, and then deleted after the period has expired.
GoSpeech runs in a triple replicated IT infrastructure on German servers that promise maximum data security. Because our servers are located at two locations in Germany, we can not only guarantee reliability, but also GDPR-compliant data protection.
The servers of our web application are operated in the secure cloud of the provider plusserver. plusserver offers companies of all sizes access to the most modern infrastructure from the cloud: highly available servers, redundant data storage, GPU servers for demanding IT tasks. In European data centers that meet the high requirements of the EU General Data Protection Regulation. In cooperation with plusserver we can ensure that the GoSpeech platform meets the extensive, international and industry-specific compliance and security standards.
Our servers are continuously monitored and subject to regular audits to ensure that the cloud infrastructure provided meets the highest standards for secure data transmission. plusserver has a PCI DSS certificate and BSI C5 attestation. With the certification, we provide documented proof that the information security requirements are met and that the measures to protect data are implemented. We, the Grundig Business Systems GmbH & Co. KG, are also certified according to ISO 9001 through quality management and guarantee high environmental standards according to ISO 14001.
Detailed information on the certifications is available on request.
In addition, the GoSpeech servers are characterized by high availability. This high availability of our servers refers to a set of technologies that minimize IT disruptions by ensuring business continuity of IT services through fully redundant, fault-tolerant or failover-protected components in the data center. Our servers are certified according to the ISO 22301 standard, which certifies security and reliability. GoSpeech can be called up around the clock and remains available even in the event of a server failure. To this end, a business continuity and disaster recovery program has been developed to recover and resume critical business processes and systems in a timely manner in the event of a critical business disruption.
We offer GoSpeech for companies as a container-based solution and install the transcription software on our customers' servers in a data-protected manner, or offer dedicated hosting. Only people who have access to Customer's network can use GoSpeech. The installation is carried out by trained system engineers who, together with the system administrator, ensure that no unwanted access is enabled during configuration.
On-premises
No external data connection is required to operate GoSpeech as an on-premises solution. All services required for GoSpeech run exclusively on the customer's servers. Accordingly, neither user data nor uploaded files or transcripts are transmitted to unauthorized persons. According to the contractually agreed usage bill, only the consumption data must be reported. The reporting of this consumption data is in the hands of your system administrator and does not happen automatically.
Cloud
Alternatively, we can also host GoSpeech for you on a provided server in the 23m cloud. All services required for GoSpeech run exclusively on this dedicated server. Accordingly, neither user data nor uploaded files or transcripts are transmitted to unauthorized persons. According to the contractually agreed usage bill, only the consumption data must be reported. The reporting of this consumption data is in the hands of your system administrator and does not happen automatically. Detailed information on the certifications of 23m are available on request.