Fria AI

Security at Fria AI

Your security and privacy are our top priorities

Enterprise Security

Industry-leading security standards and practices

Data Encryption

End-to-end encryption for all data transmission

Privacy by Design

Built with privacy and security from the ground up

1. Our Security Commitment

At Fria AI, we understand that trust is earned through consistent, reliable security practices. We are committed to protecting your personal information, ensuring the integrity of our services, and maintaining the highest standards of data security.

Our security framework is built on industry best practices, compliance standards, and continuous monitoring to protect against evolving threats.

2. Data Protection Measures

Encryption

  • • AES-256 encryption for data at rest
  • • TLS 1.3 for data in transit
  • • End-to-end encryption for sensitive data
  • • Encrypted database storage

Infrastructure Security

  • • Secure cloud infrastructure (AWS/Vercel)
  • • Regular security audits and penetration testing
  • • Multi-factor authentication (MFA)
  • • Network segmentation and firewalls

Access Control

  • • Role-based access control (RBAC)
  • • Principle of least privilege
  • • Regular access reviews
  • • Secure authentication protocols

Monitoring & Response

  • • 24/7 security monitoring
  • • Automated threat detection
  • • Incident response procedures
  • • Regular security assessments

3. NutriAI Security Features

NutriAI has additional security measures specific to AI and image processing:

  • Secure image processing pipelines with automatic deletion after analysis
  • AI model security to prevent adversarial attacks
  • Data anonymization for model training
  • Secure API endpoints with rate limiting
  • Privacy-preserving analytics that don't store personal images

Important: We do not store your personal food images. Images are processed in real-time and immediately deleted after analysis to protect your privacy.

4. Compliance & Certifications

We adhere to various compliance standards and regulations:

Privacy Regulations

  • GDPR (General Data Protection Regulation)
  • CCPA (California Consumer Privacy Act)
  • SOC 2 Type II Compliance

Security Standards

  • ISO 27001 Information Security
  • OWASP Security Guidelines
  • Cloud Security Alliance (CSA)

5. Data Retention & Deletion

We follow strict data retention policies:

  • Personal data is retained only as long as necessary for service provision
  • Account data can be deleted upon user request
  • Analytics data is anonymized and aggregated
  • Backup data is securely destroyed according to retention schedules
  • Regular data purging processes to minimize data exposure

6. Incident Response

In the unlikely event of a security incident, we have comprehensive response procedures:

1

Detection

Immediate identification and assessment

2

Containment

Isolate and prevent further damage

3

Investigation

Thorough analysis and evidence collection

4

Recovery

Restore services and implement fixes

We commit to notifying affected users within 72 hours of discovering any data breach that may impact personal information, in compliance with applicable regulations.

7. Employee Security Training

Our team undergoes regular security training including:

  • Security awareness and best practices
  • Data handling and privacy procedures
  • Incident response protocols
  • Social engineering awareness
  • Regular security updates and briefings

8. Third-Party Security

We carefully vet all third-party services and partners:

  • Due diligence and security assessments for all vendors
  • Contractual security requirements and compliance obligations
  • Regular reviews of third-party security practices
  • Data processing agreements (DPAs) with all processors
  • Limited data sharing based on necessity

9. Reporting Security Issues

We encourage responsible disclosure of security vulnerabilities:

Report a Security Issue

If you discover a security vulnerability, please report it to us immediately:

Email: security@fria.ai

Response Time: Within 24 hours

PGP Key: Available upon request

Please do not publicly disclose security issues until we have had a chance to address them.

10. Security Updates

This security page is regularly updated to reflect our current practices and any material changes to our security posture. Last updated: December 2024.

11. Contact Our Security Team

For security-related questions or concerns, contact us:

Security Team: security@fria.ai

Privacy Officer: privacy@fria.ai

General Inquiries: hello@fria.ai

Address: Fria LLC, 30 N Gould St, Sheridan, WY 82801

Emergency Contact: Available 24/7 for critical security issues