How does Altium manage and protect the Personal Identifiable Information (PII)?

Altium implements technical and organizational measures to protect personal data in accordance with applicable regulations including the GDPR and CCPA. These measures include encryption of data at rest using AES-256 and in transit using TLS 1.2, role-based access controls enforcing the principle of least privilege, and automated provisioning and deprovisioning through our identity provider to ensure access remains appropriate throughout the employee lifecycle. We apply data minimization practices to limit PII collection to what is necessary for stated purposes, maintain defined data retention and deletion policies, and have incident response procedures in place including breach notification processes aligned with regulatory requirements. Data subjects may exercise their rights including access, rectification, and erasure by contacting our Data Protection Officer. For full details, please refer to our Privacy Policy.