Q: Does Laiye conform to any information security standards and regulations?
Laiye has achieved ISO/IEC 27001: 2013 Certification for all our Core Platform and Cloud Platform products.
Laiye also complies with other security standards as shown in the following table.
No
Certification name
Issuing agency
Certificate Number
1Information security management system certification (ISO27001)China Certification Center Co., Ltd.02118l10296R0M
2Network Security Level Protection Wulai AI Open Platform Level Evaluation ReportSaixi Laboratory of China Electronics Standardization Institute11010850819-20001-21-110026-01
3Information system security grade protection filing certificate-Wulai AI Open PlatformHaidian Branch of Beijing Municipal Public Security Bureau11010850819-20001
4Information security management system certification (ISO27001)Huaxin Chuang (Beijing) Certification Center Co., Ltd.HXC18920IS1026R0S
5Network Security Level Protection Laiye RPA Process Management Platform Level Evaluation ReportCentral China Evaluation Center of China Information Security Evaluation Center (Hunan Information Security Evaluation Center)43010150048-19001-20-430123-01
6Laiye RPA Robot Process Automation System Test Report (Safety Test)Hunan Jiace Evaluation Information Technology Service Co., Ltd.JCIsE(s)-AQ-2019-0004
7Information system security grade protection record certificate-Laiye RPA process management platformMinistry of Public Security of the People's Republic of China4301015004819001
8Information security management system certification (ISO27001)China Zhongjing Kehuan Quality Certification Co., Ltd.04419IS0219R0S
Q: Does Laiye share user data with third parties?
Laiye does not share or access your data when you use Laiye products installed on premise.
Laiye has access to limited customer data when you use Laiye cloud products, which are kept within our ecosystem since we could completely control our in-house technology. However, if the solution involves a third-party application or platform, we will notify you before sharing your data.
For more information about how Laiye processes personal data used with Laiye products, please contact us at globalteam@laiye.com.
Q: Is the data used by Laiye cloud products encrypted?
Laiye encrypts customer data in transit and at rest.
All customer data stored within Laiye cloud products and services is encrypted in transit over public networks using Transport Layer Security (TLS) 1.2+ to prevent unauthorized disclosure or modification.
Customer data stored in Laiye cloud products and services is encrypted at rest using AES-256 encryption.
Q: Is Transport Layer Security (TLS) always used for communications with Laiye cloud products?
Yes, all Laiye Cloud systems only use TLS for communication, and we have disabled TLS 1.0, TLS 1.1, and all versions of SSL following industry standards.
Q: How are passwords for Laiye products stored?
User passwords are cryptographically hashed within all Laiye products. Robot passwords are encrypted with AES-256 encryption. Laiye RPA platform uses a dual SHA256 algorithm to hash the usernames and passwords to ensure that they cannot be decrypted in reverse.
Q: How should I report if I find a vulnerability in one of your products?
Please let us know immediately by contacting us directly at globalteam@laiye.com.