Security & Compliance

At Theymes, we are committed to maintaining the highest standards of security and compliance to protect your data and ensure the integrity of our player support platform. This page outlines our key practices and certifications.

Introduction to our security philosophy

Our approach to security is comprehensive, extending across our infrastructure, development practices, and operational procedures. We understand the critical nature of the data entrusted to us by enterprise gaming companies and their players.

We continuously monitor, update, and improve our security measures to address emerging threats and evolving best practices. Transparency and trust are paramount, and we strive to provide our clients with clear insights into our security posture.

As a testament to our commitment, we are currently following the ISO 27001 standard, ensuring a systematic approach to managing sensitive company information so that it remains secure.

GDPR & data privacy

Theymes is fully compliant with the General Data Protection Regulation (GDPR) and other relevant data privacy laws. We have implemented robust processes for data handling, consent management, and data subject rights.

Key aspects of our GDPR compliance include: Data Protection by Design and by Default, secure data processing agreements, and mechanisms for data access, rectification, and erasure requests. Our platform features are built with privacy considerations at their core.

For more detailed information, please refer to our dedicated Privacy Policy or contact our Data Protection Officer.

AI security & data handling

Our AI-powered features are designed with security and privacy as foundational principles. We implement robust internal safeguards to govern the use of AI, ensuring responsible development and deployment.

In our collaboration with OpenAI for advanced AI capabilities, we have strict zero data retention agreements in place. This means that any data processed by OpenAI models on our behalf is not stored or retained by them, providing a critical layer of data protection.

Furthermore, to enhance the security and control over our AI operations, we leverage services such as AWS Bedrock. This allows us to utilize powerful foundation models within a secure and private environment, aligning with our commitment to data sovereignty and enterprise-grade security.

Secure infrastructure & operations

Our platform is built on a resilient and secure cloud infrastructure, leveraging industry-leading providers and security services. We employ a defense-in-depth strategy, including network segmentation, intrusion detection/prevention systems, and regular vulnerability scanning.

Access controls are strictly enforced, based on the principle of least privilege. All data in transit and at rest is encrypted using strong cryptographic standards. We conduct regular security audits and penetration tests to validate our defenses.

Our operational security includes 24/7 monitoring, incident response protocols, and comprehensive disaster recovery and business continuity plans to ensure service availability and data integrity.