Enterprise-grade security
for your media universe
Ceivo is built from the ground up to give your organisation complete confidence — protecting your content, your data, and your workflows with verifiable controls at every layer.
Security built into every layer
From infrastructure to application to governance, Ceivo's MCP architecture ensures your content is protected, traceable, and always under your control.
Encryption Everywhere
All data is encrypted in transit using TLS 1.2+ and at rest using AES-256. No content moves unprotected — ever.
Access Controls
Multi-factor authentication and granular role-based access controls ensure only authorised users can access sensitive assets.
AWS Infrastructure
Ceivo runs on Amazon Web Services, leveraging enterprise-grade physical security, compliance certifications, and regional redundancy.
Continuous Monitoring
Real-time system logging and automated threat detection run 24/7, with alerts escalated to engineering the moment anomalies appear.
Regular Penetration Testing
Third-party security firms conduct regular vulnerability assessments and penetration tests across all production infrastructure.
Secure SDLC
Security is baked into our development process — code reviews, automated SAST scanning, and pre-deployment security testing on every release.
Your data belongs to you — always
Ceivo processes your content solely to provide the service. We will never use your media assets, metadata, or usage data for any other customer, for model training, or for any commercial purpose without your explicit written consent.
- Customer data is never shared across tenants
- No use of your content to train AI models
- Processing limited strictly to service delivery
- Full data return or deletion within 30 days of termination
- Written certification of deletion available on request
Automated backups and disaster recovery
For Ceivo-hosted deployments, automated daily backups run continuously with a minimum 30-day retention window. Backup data is stored in geographically separate AWS regions from primary data, ensuring continuity in the event of a regional outage.
- Daily automated backups — no manual intervention
- Geo-distributed storage across separate AWS regions
- Regular recovery drills to validate restore integrity
- Self-hosted deployments: customer retains full control
Control where your data lives
Customer data is stored and processed in your agreed AWS region. If additional regions are needed to optimise performance for your users — for example, CDN caching closer to international teams — we notify you before any change and ensure all transfers comply with applicable data protection law.
- Primary storage in your agreed AWS region
- Advance notice of any change to data processing locations
- Cross-border transfers comply with GDPR and applicable law
- Standard Contractual Clauses available for EEA transfers
Built for regulated media organisations
Ceivo's privacy and compliance framework is designed to meet the requirements of GDPR, CCPA, and enterprise procurement across broadcast, streaming, and rights-managed content environments.
GDPR — Full Data Processor DPA
Ceivo acts as your data processor. We provide a complete Data Processing Addendum, assist with data subject rights requests, and notify you within 72 hours of any personal data breach.
CCPA Compliance
For California-based customers and users, Ceivo's privacy practices align with CCPA requirements. Full privacy policy available at ceivo.com/privacy.
Sub-processor Transparency
We maintain an up-to-date list of all third-party sub-processors. Every sub-processor is bound by data protection obligations no less restrictive than our own DPA.
Audit & Inspection Rights
Customers have the right to audit Ceivo's compliance with the DPA, including engaging third-party auditors, with reasonable advance notice.
Data Subject Rights
We forward all data subject requests directly to you and assist in meeting your obligations for access, rectification, erasure, portability, and restriction of processing.
72-Hour Breach Notification
In the event of a personal data breach affecting your data, we commit to notifying you within 72 hours — including all available information on scope, impact, and remediation.
Uptime you can depend on
Ceivo commits to a 99.5% monthly uptime SLA. If we fall short, service credits are applied automatically — no need to ask.
| Monthly Uptime | Service Credit | What this means |
|---|---|---|
| ≥ 99.5% | No credit required | Standard — our expected operating level |
| 99.0% – 99.49% | 10% monthly fee | Up to ~3.6 hrs unplanned downtime per month |
| 95.0% – 98.99% | 25% monthly fee | Up to ~36 hrs unplanned downtime per month |
| Below 95.0% | 50% monthly fee | Significant service disruption |
Scheduled maintenance, emergency maintenance, and downtime caused by factors outside Ceivo's reasonable control are excluded from uptime calculations. Credits must be claimed within 30 days of the relevant month.
Fast response when it matters most
Our support team commits to clear response windows based on issue severity — with automatic escalation to senior engineers and management for critical incidents.
Critical — 2 hours
Complete service unavailability or data loss. Automatically escalated to senior engineering and management with regular status updates until resolved.
High — 4 business hours
Significant functionality impaired affecting multiple users. Assigned to engineering with priority handling and clear resolution timeline.
Medium — 1 business day
Minor functionality issues or single-user impact. Triaged and assigned within one business day with an expected resolution window.
Low — 2 business days
General questions, feature requests, or training support. Reviewed and responded to within two business days.
Ready to govern your content with confidence?
Talk to our team about how Ceivo's security architecture fits your organisation's requirements.