Built on Global Standards
Security, privacy, and accessibility are not afterthoughts. They are architectural decisions baked into every layer of the iVMS platform.
The Frameworks We Follow
Each standard addresses a specific dimension of trust — from personal data rights to vehicle security to inclusive design.
The European standard for personal data protection. We ensure every piece of data collected — from license plates to GPS coordinates — is processed lawfully, stored securely, and deletable on request.
The international gold standard for information security. Our entire infrastructure — cloud, edge devices, APIs — operates under a certified information security management system with continuous auditing.
Every interface we build is usable by everyone. Screen readers, keyboard-only users, and people with visual impairments can fully operate our dashboards and public-facing applications.
The UK and international benchmark for vehicle security and telematics. Our hardware and data protocols meet Thatcham certification requirements for vehicle tracking and recovery systems.
Our financial modules and data handling practices align with Islamic finance principles. Revenue collection, fee structures, and contractual frameworks are reviewed by qualified Shariah scholars.
Inclusive by Design
WCAG 2.1 AA is our baseline, not our ceiling. Every interface element is tested for usability across diverse abilities and input methods.
Keyboard Navigation
Every interactive element is reachable and operable via keyboard alone. Tab order follows logical reading flow, and custom components implement proper key handlers.
Focus-Visible Indicators
Clear, high-contrast focus rings appear on every interactive element when navigated via keyboard. No focus state is ever hidden or suppressed.
Alt Text & Image Descriptions
Every image, icon, and visual element carries meaningful alternative text. Decorative images are properly marked so screen readers skip them.
ARIA Labels & Roles
Complex components — modals, tabs, accordions, live data feeds — use proper ARIA attributes so assistive technologies can announce their purpose and state.
Semantic HTML
We use proper heading hierarchy, landmark regions, lists, and table markup. The DOM structure communicates meaning, not just visual layout.
RTL Support
Full right-to-left layout support for Arabic and other RTL languages. Mirrored interfaces, bidirectional text handling, and locale-aware number formatting.
Coverage at a Glance
A detailed mapping of which standards govern each area of our platform operations.
| Compliance Area | GDPR | ISO 27001 | WCAG 2.1 | Thatcham | Shariah |
|---|---|---|---|---|---|
| Data Encryption at Rest | |||||
| Data Encryption in Transit | |||||
| Right to Erasure | |||||
| Access Control & RBAC | |||||
| Audit Trail Logging | |||||
| Keyboard Accessibility | |||||
| Screen Reader Support | |||||
| Incident Response Plan | |||||
| Vendor Risk Assessment | |||||
| Data Residency Controls |
Frequently Asked Questions
Common questions about our compliance posture, certifications, and security practices.
We provide automated tooling for DSARs. Authorized administrators can generate a complete data export for any individual within 48 hours. Our system indexes personal data across all modules, so nothing is missed during extraction or deletion requests.
Yes. Our platform is designed to meet the requirements of the Saudi Personal Data Protection Law (PDPL). This includes data localization options within the Kingdom, explicit consent mechanisms, and purpose limitation controls that align with PDPL mandates.
We conduct external penetration testing quarterly through independent third-party firms. Additionally, we run continuous automated vulnerability scanning and participate in a responsible disclosure program for security researchers.
Yes. iVMS supports on-premises deployment with no external network dependencies. Edge processing nodes can operate fully offline, syncing data when connectivity is restored. This is critical for sensitive government and military installations.
Our infrastructure partners maintain SOC 2 Type II, ISO 27001, ISO 27017, and ISO 27018 certifications. Physical data centers are Tier III+ with redundant power, cooling, and network connectivity. We can provide certificates on request.
Shariah governance applies to our financial modules — toll collection, fine processing, and revenue distribution. Fee structures avoid interest-based mechanisms, and contractual frameworks are reviewed by an independent Shariah advisory board to ensure compliance with Islamic finance principles.
Need Detailed Compliance Documentation?
Request our full compliance pack including certificates, audit reports, and policy documents for your procurement process.