
Introdiction
Today, data is one of the most critical aspects of operations that must be secured due to its sensitivity.
Due to the importance of data, unauthorized access to sensitive information, violation of data security in the digital age we are in, customers lose their data and trust, legal situations arise and financial impact.
At Baseq, security is one of our sensitive points. We are committed to keeping data secure at all times by closely following security updates and regulations.
We use a range of active/passive security measures within our hosting and implementation, from strict partitioning to advanced api control and network protection mechanisms.
As BASEQ, we closely monitor security steps in both development and production environments outside the infrastructure by conducting regular code and security tests starting from the code phase.
As a final step, we reinforce the follow-up with detailed access control management and detailed monitoring logs to your data and our environment.
Internal Security Policies
- Reputable Infrastructure
The Baseq family of applications is deployed on and available on leading infrastructure service providers with the highest security standards, and it is widespread and well-known.
Our application can also run on leading platforms like Microsoft Azure, AWS and GCP. Microsoft Azure is Baseq’s primary cloud provider.
Within the secure infrastructure provider, we host all our data in highly secure physical and software Secure Cloud facilities.
All our customer data is hosted in SOC 2, ISO 27001, HITRUST and GDPR compliant data centers.

- Ecosystem
As with infrastructure, Baseq’s app family preferences within the ecosystem are focused on providers with high efficiency, integration diversity and maturity, as well as main preferences such as ubiquity and recognition.
- Application development
Regarding technology, we follow current and new technologies within RnD; we take action to improve our product by working on adaptation and application.
In addition to the technical approach, we work within the SDLC (Secure Software Development Life Cycle). In addition to separating applications with different levels of development, test, pre-prod and prod environments, all application services are also separated for control and security purposes.
- Architecture Layers
Within the Security framework, which is open to development, BASEQ has planned security enhancements. Architecturally, a layered working architecture has been designed for control and security purposes. By providing data security with encrypted, unique access and Physical access limitations, it aims to ensure that your data is safe against both malicious and accidental violations while helping to comply with regulations.
- Authentication
Baseq is designed to enhance security and protect user accounts through standards within password-setting criteria and policies. For example, Min. Max. characters, complexity, diversity, personal information check, history and refresh check, MFA, lockout and recovery, secure transmission & storage, Unicode support, management diversity
- Cryptography and Encryption
Baseq’s production environment runs on a secure cloud platform (SCP), and all data and database files are encrypted using storage and service-side encryption (SSE). To transfer data to Baseq’s platform, users can provide details of a Blob bucket containing CSV or Parquet files or allow Baseq’s secure production server to access the databases directly.
We use regionally located servers in combination with Cloudflare’s geographical load balancer to ensure that intra-European traffic never leaves Europe.
Baseq’s network is managed with a secure 2FA privilege access and is protected at an active security level using additional endpoint protection solutions.
- Data Storage and Access
While Baseq, a 100% cloud-based solution, uses a SaaS hosting model, no data – raw or otherwise – provided by the customer in collaboration with secure infrastructure providers is copied, transmitted or used except to create forecasts based on a trained model.
When a predictive model or dataset is deleted, all associated data used by this business is destroyed.
Client computers used to access and use our systems do not store any information other than simple logs and cookies (see privacy and policy), none of which contain any data used to or generated by the prediction jobs. All information submitted during a user session is not stored in non-volatile memory and is destroyed by the browser at the end of the session.
Baseq-authorized persons also access the data on a need-to-know basis by the authorisation policy.

- Logging and Monitoring
Accesses at all levels, covering the entire production environment, login attempts, source IP, any data connection opened, duration and the task for which it was used. All information required for control and regulatory purposes is logged in the process log and can be accessed when necessary.
- Incident Response Management
With strategic resources and presence at the last layer, security and privacy are among our highest priorities.
The behaviour monitoring application monitors any suspicious or malicious transaction.
All our activities are implemented or planned in the light of our past experiences and supported by consultancy.
With strategic resources and presence at the last layer of the layer, security and privacy are among our highest priorities.
Any suspicious or malicious transaction is monitored by the behavior monitoring application.