top of page

 Business Data Privacy

  • We are committed to ensuring that enterprises retain full control over their data while using our services. By default, we do not use any business data input or processed by customers to train our models. Models are built solely using public data, licensed sources, and content from our research teams, ensuring your information remains entirely private.

  • We provide transparent and controllable data retention policies to help enterprises meet ISO/IEC 27001, SOC 2 Type I, and various regulatory requirements. Customers can set their own retention periods and request immediate deletion when necessary, making compliance and governance more flexible.

  • In product design and system architecture, security is at our core. We implement multi-layered security architecture principles to ensure comprehensive protection at every stage from development to operations. We maintain 24/7 automated security monitoring and incident response mechanisms (24/7 Automated Monitoring) and undergo regular independent third-party penetration testing, red team exercises, and SOC 2 Type I audits to ensure that control measures remain continuously effective.

  • We believe data security is the prerequisite for enterprise AI adoption. Through rigorous processes and international-level verification, we build a trustworthy environment for enterprises, allowing you to leverage artificial intelligence to create value with peace of mind.

Abstract Background

Security and Privacy

We are dedicated to protecting customer data, systems, and products to build long-term trust in our enterprise platform.

Security Compliance and Certifications

We assist enterprise customers in complying with major privacy and information security regulations, including GDPR and CCPA, and provide a Data Processing Addendum (DPA) to support their compliance requirements.

We have obtained ISO/IEC 27001 and SOC 2 Type I certifications, with our information security management practices and internal control processes independently audited and verified to meet international standards. These security and compliance frameworks are also widely adopted by leading global cloud and AI service providers such as OpenAI, Google, and Microsoft.

1.png

External Testing

Our systems and cloud services undergo regular third-party security testing, such as penetration testing, to identify and remediate vulnerabilities before potential attackers can exploit them.

2.png

AI Model Evaluation and Third-Party Verification

ACE has officially passed the trustworthiness evaluation and obtained the recognition report from the AI Evaluation Center (AIEC), guided by the Ministry of Digital Affairs. It is among the first Traditional Chinese models in Taiwan to pass this assessment.

Untitled design (1).png

Customer Compliance Support

We are dedicated to helping enterprise customers navigate the regulatory and contractual requirements of their respective industries, including finance, manufacturing, and government sectors.

20251224_zhiting_資安與隱私.png

Product Compliance Features

ISO/IEC 27001

Our Information Security Management System (ISMS) is ISO/IEC 27001 certified, covering organizational information asset protection, risk management, and continuous improvement processes.

SOC 2 Type I

Our products and cloud services have undergone SOC 2 Type I audits, complying with Security and Confidentiality. Third parties continuously monitor and verify the effectiveness of our control measures.

20251125_zhiting_首頁畫面.png

 Reporting Security Issues

We encourage security researchers and partners to assist in our dedicated vulnerability reporting process. If you discover any security weaknesses, please notify us via our Security Incident Reporting Channel, and we will evaluate and respond according to a strict protocol.

bottom of page