To generate translation suggestions, Lilt first queries data from public domain "background" data sets such as United Nations and European Parliament data. It then merges your translation memories.
In the diagram below, suppose that User A and User B have both uploaded documents and translation memories. When User B translates, data from User A is sequestered and is never shown to User B.
There are two user authentication methods:
We run edge web servers in the US, Belgium, and Taiwan. A cross-region load balancer routes client traffic to the nearest edge server. Traffic is then routed via Google’s internal private network to our server and database instances, which currently run in the Google’s Iowa data center.
“Google operates its own private global network that spans all of our data centers and our 70+ points of presence, rather than using the public internet for transmission between data centers. Data traveling between a customer’s device and Google is encrypted by default using HTTPS/TLS (Transport Layer Security).”
GCP-internal network traffic is encrypted in-transit.
Raw Client Data files are stored in Google Cloud Storage, which applies AES-256 encryption by default:
“Cloud Storage encrypts user data at rest using AES-256, and each encryption key is itself encrypted with a regularly rotated set of master keys. There is no setup or configuration required, no need to modify the way you access the service, and no visible performance impact. Data is automatically and transparently decrypted when read by an authorized user.”
Extracted Client Data is stored in a Google Cloud SQL database instance. All tables and rows are encrypted with AES-128:
“[Cloud SQL] data is encrypted using the 128-bit Advanced Encryption Standard (AES-128), or better, with symmetric keys: that is, the same key is used to encrypt the data when it is stored, and to decrypt it when it is used. These data keys are themselves encrypted using a master key, stored in a secure keystore, and changed regularly.”
Automatic backups are created daily by and inside GCP.
Client Data is never shared between accounts without user action. A user can share a source document with another user, but this requires explicit entry of an email address and a click.
We store the following Personal Data in Cloud SQL:
Personal Data is collected by and shared with the following third parties:
We do not store Payment Data. It is transmitted via HTTPS to Stripe, our payment provider.
Google Cloud Platform maintains certification with robust security standards, including: