top of page
Security and Data Protection at PingMi




At PingMi Inc., we are committed to the highest standards of data security and privacy. As a technology-driven company, we understand the importance of protecting the personal information of our users and partners. This page outlines our practices and compliance with the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

Our Commitment to GDPR and CCPA


As part of our commitment to global data protection standards, we adhere to the requirements of GDPR for our European users and CCPA for users residing in California. We ensure transparency, user control over data, and strong security measures to protect data integrity and privacy.


Data Security Practices


Our robust security infrastructure includes the following measures to safeguard your data:

- Server Security: Hosted on AWS Elastic Beanstalk, our servers are configured with CORS policies and encrypted connections to enhance security.

- Data Encryption: To ensure the security of your personal and sensitive data, both when it is stored on our servers and during transmission, we implement advanced encryption standards:

- Password Security: We protect user passwords using bcrypt, an industry-standard hashing algorithm that securely scrambles passwords to prevent unauthorized access.

- Sensitive Data Encryption: Sensitive data is encrypted using advanced cryptographic techniques, including RSA encryption and other secure encryption methods designed to safeguard data against eavesdropping and ensure that only authorized users can access their information.

- Comprehensive Protection: Our encryption practices are designed to provide robust security for your data at rest and in transit, adhering to internationally recognized security standards.

- Access Control: We employ short-lived tokens to maintain session integrity and minimize the risk of unauthorized access.

- Secure Communication: All data transmitted to and from our sites are encrypted using SSL technology, ensuring that personal information is transmitted securely.


Data Processing and Storage

Our data is securely stored on MongoDB Atlas and AWS servers, which are renowned for their robust security features. These platforms provide comprehensive security for our databases, ensuring data integrity and protection from unauthorized access. Additionally:

  • Data Storage Security: Our tool uses state-of-the-art encryption techniques to secure all data stored, ensuring that sensitive information is protected from unauthorized access. This means that your product insights are safe and confidential.

  • Data Analysis: Our analysis is based on OpenAI models. OpenAI anonymizes and de-identifies data to remove personally identifiable information (PII) before processing it for analysis. This helps protect the privacy of individuals and ensures that sensitive information is not exposed during the analysis process. Read Open AI API Policy.


Auditing and Compliance


As a small startup, we focus on implementing best practices for data security and continuously improving our processes. Although formal audits are challenging due to limited resources, we regularly review our security policies and practices to ensure compliance with GDPR and CCPA. We conduct regular security audits and assessments to proactively identify and address potential vulnerabilities, ensuring that our tool remains resilient against evolving threats and maintains a high level of security.


Handling Data Requests


We process all user data requests manually via a designated email address. This allows us to handle each request with the attention it deserves, ensuring that users can exercise their rights under GDPR and CCPA effectively. Users can request access, correction, or deletion of their data by contacting us at


Data Breach Procedures

In the unlikely event of a data breach, we are prepared to act swiftly. We will notify affected users via their registered email addresses and take immediate steps to mitigate any potential damage. Our procedure includes identifying the breach, containing the impact, and preventing future incidents.


Contact Us


For more information about our data protection practices or to exercise your data protection rights, please contact us at

bottom of page