At Minnovation Technologies, creators of AlphaX Cloud, XVision AI, and the XOne Services product family, we are fully committed to protecting your data and ensuring our systems operate with security, privacy, and integrity at the core. Our data fabric—including real-time analytics, AI-powered monitoring, and system control interfaces—is designed with a security-first mindset, adhering to industry-leading practices for secure network management, system design, and data protection.

We continuously assess and improve our internal systems, controls, and policies to stay aligned with evolving threats, legislative expectations, and technological standards. If you have any questions about our data protection measures, please contact us at [email protected].

1. Secure Connections and Network Communications

All communications with Minnovation systems—including dashboards, APIs, and device connections—are encrypted end-to-end:

• SSL/TLS Encryption: All data transfers between your browser and our servers use industry-standard TLS (HTTPS). Any attempt to access an unencrypted HTTP endpoint is automatically redirected to HTTPS.

• Encrypted Database Connections: All connections to backend data sources are encrypted by default. AlphaX Cloud and XVision do not allow unencrypted access to databases under any circumstances.

• Mutual Authentication and Access Control: Internal services and microservices use mutual authentication and token-based access to minimize the risk of unauthorized access or lateral movement within the platform.

2. Physical and Cloud Infrastructure Security

Minnovation hosts its cloud infrastructure on Microsoft Azure, leveraging their highly secure, scalable global cloud platform. Our cloud environments are fully isolated per service type (e.g., analytics, storage, processing) and region.

• Data at Rest Encryption: All storage is encrypted using the AES-256 standard.

• Cloud Hosting Provider Certifications: Microsoft Azure complies with a comprehensive list of regulatory frameworks and standards, including:

  • SOC 1, SOC 2, SOC 3

  • ISO/IEC 27001, 27017, and 27018

  • PCI DSS

  • FedRAMP

  • Australian IRAP

• Physical Security: Azure’s facilities are protected by 24/7 monitoring, biometric access controls, and physical perimeter defenses. Azure and its vendors manage all hardware security under stringent compliance and audit programs.

You can learn more about Microsoft Azure’s physical and compliance infrastructure here: Azure Compliance Documentation

3. Organisational Policies and Employee Access

Minnovation enforces strict internal controls to ensure that employee access to systems is limited, monitored, and governed by policy.

• Least Privilege Access: Access to production systems and customer data is granted only to authorized personnel on a need-to-know basis.

• Strong Authentication Requirements: Administrative access requires strong passwords and mandatory multi-factor authentication (MFA).

• Encrypted Data Handling: Sensitive customer data, including PII and telemetry, is encrypted when stored on disk and during transmission across public networks.

• Security Training: All employees receive regular training on secure development practices, data privacy, phishing prevention, and incident response procedures.

Minnovation’s staff policies and procedures align with the Australian Government’s Protective Security Policy Framework (PSPF) and Victorian Protective Data Security Standards (VPDSS) where applicable.

4. Data Privacy and Legal Compliance

Minnovation is committed to protecting personal information in accordance with the Privacy Act 1988 (Cth), the Australian Privacy Principles (APPs), and the Privacy and Data Protection Act 2014 (Vic) where relevant.

• Data Minimisation: Our systems are designed to collect only the information necessary for their function (e.g., anonymized event metadata instead of raw video where possible).

• Privacy by Design: XVision products apply real-time privacy masking, license plate blurring, and on-device PII redaction as part of our core system design.

• Customer Data Sovereignty: All processing and storage of customer data occurs within Australian-hosted infrastructure unless otherwise agreed in writing.

For full details, please refer to:

• Minnovation’s Privacy Policy

• Minnovation’s Data Protection & Handling Statement

5. Governance, Documentation, and Certifications

To ensure our commitments are backed by concrete processes, Minnovation maintains the following governance documents:

• Security Management Plan – outlines our organizational controls, risk management processes, change management, and incident response.

• Data Retention and Deletion Policy – defines how long data is stored and how it is securely destroyed.

• Access Control Policy – describes how access to production systems is provisioned, reviewed, and revoked.

• Incident Response Procedure – details how we respond to and report potential data breaches.

• Privacy Impact Assessments (PIAs) – conducted for all systems handling personal or sensitive information (e.g., XVision, AlphaX Cloud).

These documents are available for customer review under NDA or contractual obligation and may be referenced in procurement and compliance processes.

6. Contact and Support

We welcome transparency and are committed to responding to any data protection queries promptly. Please reach out if you require:

• A copy of our security or privacy policies

• Assistance completing a privacy review or compliance form

• Details on how your specific deployment adheres to local privacy regulations

Email: [email protected]
Phone: 1300 916 082
Postal: 11 Rays Way, Pakenham, VIC Australia 3810

Published: 27/07/2023
Reviewed: 27/07/2025. Revised to incorporate procedures required for new products