Try Safe in one click and discover how we improve your occupational risk prevention

No-obligation trial

Security, Privacy and Data Protection Framework (GDPR)

1. Data Anonymisation: Privacy by Design

Safe implements cutting-edge technical measures to ensure that video analysis complies with personal data protection regulations (GDPR).

  • Irreversible face blurring process: to protect the identity of subjects, the system applies an irreversible anonymisation process to alert images and videos by default. This erasure happens as soon as the image is captured from the camera, so processing and storage occur with it already applied — the original face cannot be recovered afterwards.

  • Body blurring: in situations where other bodily features, such as tattoos, could be a concern for identifying people, full blurring can be applied. This feature must be notified in advance.

IMPORTANT: a reversible blurring mode can be configured for cases where infractions with criminal impact are anticipated. This blurs the face in normal use (after the image is recorded in the database), and if a user with administrator permissions activates it, the faces can be revealed. However, this system must be notified and enabled in advance, since, as noted above, the base system destroys the original data.

2. Logical Segregation and Multi-tenancy

Safe's architecture guarantees total isolation of information between different organisations or sites.

  • Unique Tenant ID:

  • Each entity (cameras, alerts, users) is irrevocably linked to a unique client identifier.

  • Automated Access Control:

  • The system automatically applies tenancy filters on every database query to ensure users only access information relevant to them.

3. Encryption Standards

  • Data at Rest:

  • All sensitive information stored in our databases and file systems is protected using the advanced encryption standard AES with 256-bit keys.

  • Data in Transit:

  • Communications between the user's browser and the server, as well as between microservices, are protected by Transport Layer Security (TLS) 1.2 or higher, preventing any type of interception or message forgery.

4. Identity and Access Management (IAM)

Safe implements a multi-level authentication and authorisation architecture that secures both platform access and video stream integrity.

4.1. JWT Token Strategy (Dual Use)

The system uses JSON Web Tokens (JWT) for two critical and distinct purposes, ensuring lightweight sessions and secure transmissions:

  • Session Management:

  • Tokens are stored in secure cookies, eliminating the need for constant database queries to validate the active session.

  • Streaming Security (MediaMTX):

  • To access HLS/WebRTC streams, the system generates short-lived tokens (15 minutes) signed with RS256 algorithms. MediaMTX validates these tokens against an internal JWKS endpoint, ensuring only authenticated users can view video in real time.

4.2. Credential Integrity and Validation

The system uses JSON Web Tokens (JWT) for two critical and distinct purposes, ensuring lightweight sessions and secure transmissions:

  • High-Strength Hashing:

  • Passwords are processed using bcrypt with a cost factor of 12. This standard is strictly enforced during registration, login and profile updates, ensuring immunity against rainbow table attacks.

  • Input Sanitisation (Zod):

  • All interactions with the backend (login, registration, configuration changes) are protected by Zod validation schemas. This prevents injection attacks and the processing of malformed data before it reaches the business logic or database.

4.3. Authorization and Isolation by Organisation (Multi-tenancy)

Logical security is based not only on role, but on organisation membership:

  • Filtering by orgId:

  • Every API request (event images, cameras, documents) requires session validation where the system strictly filters data by the user's organisation ID.

  • File Isolation:

  • Paths in object storage are physically partitioned by organisation (e.g. /[orgId]/[eventId].jpg), ensuring it is impossible to access other clients' data.

5. Infrastructure Defence Layers (Hardening)

In addition to access control, Safe Pro applies hardening policies to network traffic and native configurations.

5.1. Security Headers and Navigation Control

The system automatically injects security headers to protect the end user against common attacks:

  • X-Frame-Options (DENY):

  • Prevents Clickjacking attacks.

  • X-Content-Type-Options (nosniff):

  • Prevents the browser from interpreting files with incorrect MIME types.

  • Browser XSS Filter:

  • Additional layer against cross-site scripting attacks.

  • X-Robots-Tag:

  • Instructs search engines not to index any part of the internal application.

5.2. Rate Limiting

To mitigate brute-force or denial-of-service (DoS) attacks, the gateway limits traffic to the application and protected AI routes:

  • Security Threshold:

  • Configured for an average of 100 requests per second, with controlled bursts of up to 50, ensuring server stability during unusual traffic spikes.

5.3. Origin Policy (CORS)

Safe restricts cross-origin requests through strict CORS policies on the socket server and inference engine, allowing communication only with the official dashboard origin and prohibiting the use of credentials on unauthorised domains.

6. Role Model

Access control is based on roles (RBAC) with granular permissions:

  • User:

  • Access to view assigned events and cameras.

  • Admin:

  • Management of organisation users, camera configuration and event deletion.

  • Super Admin:

  • Full access, including diagnostic panels and management of multiple organisations (Safe developers).

7. Security Lifecycle

  • Secure Development (SDLC):

  • Safe is developed following code review phases and security testing in development and test environments fully segregated from production.

  • Patch Management:

  • We maintain a strict update policy:

    • · Critical Vulnerabilities:

    • Patches applied within a maximum of 7 days of identification.

    • · High Vulnerabilities:

    • Resolved within a maximum of 30 days.

8. User Recovery and Rights

  • Account Recovery:

  • We implement a recovery flow based on cryptographically generated unique tokens with validity limited to 1 hour.

  • Data Subject Rights:

  • The system allows the export and deletion of event data to facilitate compliance with data subjects' rights of access, rectification and erasure.

Contact & Support

For technical questions about hardware compatibility or custom quotes, contact us at:

  • Technical Support: support@safe.ai

  • Sales: commercial@safe.ai