1. Agreement & Contract Information

Cambrionix provides standard commercial agreements covering:

• Service usage terms
• Support and maintenance
• Service availability
• Data protection obligations
• Termination provisions

Service Level Agreements (SLAs) and support response targets are available upon request and may vary depending on the customer’s subscription tier or enterprise agreement.

For enterprise customers with specific procurement or compliance requirements, Cambrionix can review reasonable amendments through mutual agreement.

---

2. Architectural Overview

Cambrionix Connect is a cloud-hosted SaaS platform designed for secure remote management, monitoring, analytics, and device operations across Cambrionix hardware deployments.

The platform consists of:

• Secure cloud APIs
• Device and hub communication services
• Customer management and authentication services
• Analytics and reporting components
• Web-based administration interfaces

All communications between client systems, hubs, and cloud services are encrypted using industry-standard secure transport protocols.

For security reasons, detailed infrastructure diagrams, network topology, and internal implementation details are not publicly disclosed.

---

3. Data Management

3a. Data Storage

What data is stored?

Cambrionix Connect stores operational and service-related information required to provide the platform functionality, including:

• Device and hub metadata
• Operational telemetry and status information
• Account and user management information
• Licensing and configuration data
• Audit and diagnostic information

Cambrionix does not store customer business content unrelated to operation of the platform.

Where is data stored?

Customer data is hosted within Microsoft Azure cloud infrastructure in UK and/or EU regions.

International data transfers

Where applicable, data processing and transfers are conducted in accordance with applicable data protection laws, including UK GDPR and EU GDPR requirements.

Data retention

Operational data is retained only as long as necessary for service delivery, support, security, and legal compliance purposes.

Retention periods may vary depending on the data type, contractual requirements, and operational necessity.

---

3b. Backup Procedures

Cambrionix maintains automated backup and recovery procedures for critical platform data.

Current measures include:

• Automated cloud database backup capabilities
• Point-in-time recovery functionality
• Secure storage within managed cloud infrastructure

Backup retention periods are aligned with operational recovery requirements and platform continuity objectives.

Backup systems are periodically reviewed as part of ongoing platform resilience improvements.

---

4. Licensing and DFU Mode

Premium licensing options are available for advanced functionality, including DFU (Device Firmware Update) operations where applicable.

Licensing is delivered electronically and can typically be activated immediately following purchase or subscription approval.

Cambrionix is also developing self-service licensing workflows to further streamline deployment and activation processes.

Enterprise and usage-based licensing models are available upon request.

---

5. Data Encryption

5a. Encryption in Transit

All communications between users, devices, hubs, and Cambrionix Connect services are protected using industry-standard encryption protocols, including:

• TLS 1.2
• TLS 1.3 (where supported)

Secure administrative and service access mechanisms are enforced across production systems.

---

5b. Encryption at Rest

Data stored within Cambrionix Connect infrastructure is encrypted at rest using Microsoft Azure managed encryption technologies.

This includes encryption for:

• Databases
• Backups
• Storage services

Industry-standard encryption algorithms such as AES-256 are utilised by the underlying cloud platform.

---

6. Patch Management & Updates

Cambrionix Connect is delivered as a managed SaaS platform.

Cambrionix is responsible for:

• Platform maintenance
• Security updates
• Infrastructure patching
• Service improvements
• Feature deployments

Updates are deployed through controlled release processes designed to minimise operational disruption.

Critical security updates are prioritised according to risk and impact assessments.

---

7. Vulnerability Management

Cambrionix maintains an ongoing vulnerability management process that includes:

• Dependency and software vulnerability scanning
• Security monitoring
• Risk assessment and remediation workflows
• Regular review of third-party components

Automated tooling is used to assist with vulnerability identification and remediation management.

Security issues are prioritised based on severity, exploitability, and operational impact.

---

8. Security Certifications & Compliance

Cambrionix follows industry best practices for cloud security and data protection.

At present, Cambrionix does not hold formal certifications such as:

• ISO 27001
• SOC 2 Type II

However, security governance and compliance processes are continually reviewed as part of the company’s ongoing operational maturity programme.

Cambrionix services are designed to support compliance with applicable UK and EU data protection regulations, including GDPR requirements.