How does Secure Redact process my data?
All the details for exactly how Secure Redact online deals with your videos and your personal data.
How does Secure Redact collect data?
When a customer (the data controller) uploads video data directly to the SaaS service, the uploaded video is automatically processed by the Secure Redact software.
The software ingests the video file, reformats it and then runs machine learning algorithms over each frame of the video to detect all faces and number plates that appear - for redaction purposes only. These detections are then overlaid as redaction boxes onto the video, and are only viewable by the customer - who can watch the video to review the results prior to blurring and exporting the final file. Once finalised, Secure Redact creates the final redacted video for download by blurring all the detected personal data, ready for export.
Secure Redact processes the video for the customer’s redaction purposes only.
Who has access to my data?
Users can only access their own videos.
Only select Pimloc admin staff have access to the Secure Redact system, and will only do so at your request.
How does Secure Redact store data?
Once videos are uploaded to the Secure Redact servers, they go through the following four states:
Uploaded: video has been successfully uploaded to the Secure Redact servers, and is stored and processed in Amazon EFS (elastic file system), located in Amazon AWS South Dublin Data Centre.
If you are a US customer, the video is stored and processed in AWS Virginia. All US data is uploaded to AWS West Virginia as standard.
Converted: video is converted to be able to run through our servers quickly. This is a high resolution version of the video which Secure Redact uses to process the detections, also stored in Amazon EFS (Dublin for UK/EU customers, Virginia for US customers).
Detected: video has been automatically processed for faces and number plates. This is what a customer will see on the app, with overlaid orange redaction boxes onto the video. This is a low resolution version of the converted video, stored in EFS (Dublin for UK/EU customers, Virginia for US customers).
Secure Redact software also stores the location information for each detection box (location of faces and number plates in each video frame) as text, along with a thumbnail of the content of each box - all stored in EFS.
Redacted: all detections have been blurred out in the video when the user presses “Redact”. This creates a version of the video where all personal data is redacted, ready for download. This is now part of that video (and irreversible without going back to re-edit). This state 4 of the video is also stored in Amazon EFS (Dublin for UK/EU customers, Virginia for US customers).
The Secure Redact software maintains a copy of all the different states of video (uploaded, converted, the detections and the redacted video), so that users can go back from the ‘Redacted’ state to ‘Detected’ to make any additional changes. If they do go back to edit, and then press redact again, the old ‘Redacted’ version is automatically and securely deleted from our stores.
How does Secure Redact delete data?
Secure Redact is not a video storage system - user videos are stored temporarily (as long as the customer is active) for the purpose of anonymisation only. When a customer deletes a video from their Secure Redact account, all states of their video (uploaded, converted, detected and redacted), along with the detection data associated with the video, are automatically and securely deleted from EFS - either AWS Dublin (for UK/EU customers) or AWS Virginia West (for US customers).
If customer accounts become inactive, Pimloc’s terms state that they can delete customer video files once they have been stored in Secure Redact for more than 60 days (details can be found in Pimloc’s privacy policy.
Does Secure Redact use my data to train its algorithms?
Only if users explicitly give permission to allow Secure Redact to use their data to improve the performance of the Secure Redact system. By default user data is not used for algorithm training.
For every video that a user uploads, there is the optional choice to allow Pimloc to use and store parts of this content for the purposes of developing and improving its system. Pimloc wants to be able to use a small number of frames from videos that are uploaded to tune and improve the way their systems work.
Practically, opting in allows Pimloc to store such frames indefinitely and use them to augment how they train their detection algorithms. Pimloc is committed to providing high accuracy and precision algorithms for the detection and redaction of personal information.
A Pimloc team member will review the selected frames, draw annotation boxes and add them to our training data.
Pimloc will keep a record of where all video frames have come from, along with opt-ins, so that they can be removed / deleted as required in future. All selected frames will be stored securely and only accessed by a small number of controlled Pimloc employees; they will never be sold, marketed or made public.