Centvision AI builds computer vision and autonomous AI agents engineered for reliable deployment in real-world environments.

Data Security Policy

Data Security Policy

Last updated: [16 Jan 2026]

1. Purpose

This Data Security Policy sets out the measures Centvision AI uses to protect personal data and confidential information against unauthorised access, loss, alteration, or disclosure.

The policy supports compliance with:

  • UK GDPR
  • Data Protection Act 2018
  • Relevant UK regulatory and contractual obligations

2. Scope

This policy applies to:

  • All employees, contractors, and authorised third parties
  • All systems, applications, and services operated by Centvision AI
  • All personal data and confidential business information processed by Centvision AI

3. Data Protection Principles

Centvision AI follows the UK GDPR principles by ensuring that personal data is:

  • Processed lawfully, fairly, and transparently
  • Collected for specified, explicit, and legitimate purposes
  • Adequate, relevant, and limited to what is necessary
  • Accurate and kept up to date
  • Retained only as long as necessary
  • Processed securely

4. Governance and Responsibility

4.1 Accountability

Centvision AI maintains accountability for data security through defined internal responsibilities, management oversight, and documented procedures.

4.2 Staff Responsibilities

All personnel are required to:

  • Follow this policy and related procedures
  • Protect credentials and access rights
  • Report security incidents immediately

5. Access Control

Access to systems and data is restricted based on the principle of least privilege.

Measures include:

  • Role-based access controls
  • Unique user accounts
  • Strong password requirements
  • Multi-factor authentication where appropriate
  • Timely removal of access upon role change or departure

6. Technical Security Measures

Centvision AI implements appropriate technical safeguards, which may include:

  • Secure system architecture
  • Encryption of data in transit and, where appropriate, at rest
  • Firewalls and network segmentation
  • Secure authentication mechanisms
  • Regular system updates and patching

Security controls are reviewed periodically to reflect evolving risks.

7. Organisational Security Measures

Organisational controls include:

  • Staff awareness and training
  • Documented security procedures
  • Secure handling of data and credentials
  • Confidentiality obligations within contracts

8. Third-Party Security

Where Centvision AI uses third-party service providers (e.g. hosting, analytics, communications):

  • Providers are assessed for security and compliance
  • Contracts include data protection and confidentiality obligations
  • Access is limited to what is necessary to deliver services

9. Data Breach Management

9.1 Incident Response

Centvision AI maintains procedures to identify, assess, and respond to data security incidents.

9.2 Notification

Where a personal data breach poses a risk to individuals’ rights and freedoms:

  • The Information Commissioner’s Office (ICO) will be notified within 72 hours where required
  • Affected individuals will be informed where legally required

All incidents are documented and reviewed.

10. Data Retention and Disposal

Personal data is retained only for as long as necessary for:

  • Contractual obligations
  • Legal and regulatory requirements
  • Legitimate business purposes

Secure deletion or anonymisation is applied when data is no longer required.

11. Remote Working and Device Security

Where remote access is permitted:

  • Secure connections are required
  • Devices must be protected by authentication controls
  • Reasonable measures are taken to prevent unauthorised access or data leakage

12. Monitoring and Review

Security measures and this policy are:

  • Reviewed periodically
  • Updated in response to regulatory changes, risk assessments, or operational changes

Compliance may be supported through internal reviews and audits.

13. Policy Breaches

Failure to comply with this policy may result in:

  • Disciplinary action
  • Contractual remedies
  • Legal consequences

14. Related Policies

This policy should be read alongside:

  • Privacy Policy
  • Data Processing Agreement (where applicable)
  • Acceptable Use Policy
  • Incident Response Procedures

Website means https://centvisionai.com or such other URL as notified by us from time to time.

Centvision AI operated by Qin Dynasty Ltd(“Centvision AI”, “we”, “us” or “our”)
Registered in England & Wales, Company No. 05644676
Registered office: Unit 5, Walthamstow Business Centre, Clifford Road, London, E17 4SX