Rigr AI

Location Estimation Service

Our Location Estimation tool harnesses the power of AI to analyse visual
clues of photos or videos, indoors or outdoors, accurately ranking
potential countries and regions the media originates from. The result is a comprehensive list of potential
locations accompanied by confidence scores.

Features

• On-premise or cloud infrastructure based on your needs.
• Use interactively through a web application.
• Non-storage and non-utilisation of any data processed.
• Capable of processing images and videos in multiple file formats.
• Estimates the country or a region the media is captured.
• Includes a cropping tool for analysing most informative sections.

Benefits

• Provides location estimate with confidence score.
• Used by law enforcement agencies to process and analyze evidence.
• Estimation is based on visual clues, not metadata.

£2,150 a user a year

• Free trial available

Service documents

• Pricing document

  ODT

• Skills Framework for the Information Age rate card

  ODT

• Service definition document

  ODT

• Terms and conditions

  ODT

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at ed@rigr.ai. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

848401645000211

Contact

Edward Dixon
+353868532940
ed@rigr.ai

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
• Service constraints: Our service runs well on a standard server. Very high volume users might require a server with attached GPU.
• System requirements:
  • 16GB RAM
  • 2 CPU cores

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: The response time for basic email support is 24 hours, excluding weekends and public holidays. We also offer a higher support tier at an additional cost.
• User can manage status and priority of support tickets: No
• Phone support: No
• Web chat support: No
• Onsite support: No
• Support levels: The basic level of support includes 24-hour email response time on weekdays, excluding weekends and public holidays. Our support team will assist with general inquiries, basic troubleshooting, and guidance on using the product. While this level provides timely assistance, it does not include dedicated account management or specialized technical support. ; ; In addition to the basic level of support we provide the services of a Technical Account Manager at an additional cost, tailored to the scope and needs of your project. This dedicated professional will work closely with you to understand your requirements, provide technical guidance and support, and ensure that your project runs smoothly.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: The onboarding process for new users is tailored to the specific implementation they choose: on-premise or on-cloud web interface.For on-cloud web usage, users are provided with credentials that grant them access to the application, ensuring a straightforward and secure login experience. For on-premise implementations, we customise the onboarding process based on the specific technical requirements of the user's environment.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Our service does not store any data from the user, ensuring full privacy and data protection at all times.
• End-of-contract process: At the end of the contract, depending on the implementation chosen by the user, we disable access to our services. For users of the web application, credentials are disabled; For on-premise implementations, our technical team collaborates with the user to determine their preferred method of discontinuing the service. This tailored approach ensures a smooth transition and aligns with the user's specific requirements and preferences.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: No
• User support accessibility: None or don’t know
• API: No
• Customisation available: No

Scaling

• Independence of resources: Our Azure-based service uses scaling rules that automatically deploy additional instances. We can also deploy a copy of our service on the customer's infrastructure.

Analytics

• Service usage metrics: Yes
• Metrics types: We provide regular reports detailing the number of images processed, offering insights into activity and resource usage. ; ; For on-premise setups, we can customise reporting functions to meet the specific requirements of the customer, ensuring tailored insights and visibility into usage metrics.
• Reporting types: Regular reports

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: Less than once a year
• Penetration testing approach: In-house
• Protecting data at rest: Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: No
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: Depending on the chosen implementation—whether it's the cloud-based web app, or an on-premise setup—users will receive the system's output in the relevant format. In the web application, the response is displayed directly within the application. For on-premise setups, the system is customised based on the user's requirements, and export functions can be implemented as needed.
• Data export formats: Other
• Data import formats: Other
• Other data import formats:
  • .jpeg (max 500 MB per file)
  • .png (max 500 MB per file)
  • .jpg (max 500 MB per file)
  • .HEIC (max 500 MB per file)
  • .mp3

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Our service uptime is better than 99.8%. Outages not due to notified service updates will attract a pro-rata credit in the subsequent billing cycle or a cash refund.
• Approach to resilience: Available on request.
• Outage reporting: Email alerts.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
• Access restrictions in management interfaces and support channels: Role based access control.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: Our approach to security governance integrates policies, processes, and controls to safeguard information integrity, confidentiality, and availability. We assign clear roles and responsibilities and apply role-based access controls. Our governance involves ongoing risk assessments, security audits, and the application of commonly accepted best practices. We also prioritize continuous employee training to maintain security awareness and competence. By proactively detecting (with monitoring and automated alerts) and responding to threats, and using technologies like encryption and multi-factor authentication, we ensure resilience and security.
• Information security policies and processes: Building upon our robust security governance framework, our information security policies and processes are meticulously devised to align with our established principles. We adhere to a data minimisation policy, ensuring that only the data absolutely necessary for delivering our services is collected and stored. This approach reduces potential exposure and simplifies data management.; ; Access to critical systems and data is governed by stringent role-based access controls, regularly reviewed and refined to address emerging security challenges. For each new service, we mandate external logging, accompanied by comprehensive reporting and alerting mechanisms designed to promptly detect any breaches or misuse of credentials.; ; Our risk management process is proactive, involving regular security risk assessments to identify vulnerabilities and implement timely mitigations. We engage third-party security specialists for independent security audits, ensuring adherence to widely accepted best practices.; ; Our reporting structure ensures clear communication and accountability: engineers report security findings to their team leads, who then escalate significant security issues up to the CEO. This ensures that all levels of management are informed and can act swiftly.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Our change management approach prioritizes transparency and reliability. We track all changes and provide release notes to users, detailing the updates, enhancements, or fixes implemented. Before any changes are released, the application undergoes rigorous internal testing to ensure stability, functionality and security. This testing phase is conducted using a traceable system, allowing us to monitor and document each step of the process.
• Vulnerability management type: Undisclosed
• Vulnerability management approach: Our vulnerability management approach combines automated testing and manual assessments to identify potential vulnerabilities effectively. Additionally, if a vulnerability is reported by a user, we assess its severity and impact to prioritize our remediation efforts. Our global team is available around the clock to promptly address and respond to reported vulnerabilities, ensuring timely resolution. For remediation, we employ a structured approach that includes patch management and mitigation strategies to fix identified vulnerabilities efficiently. Moreover, our vulnerability management approach is regularly reviewed and updated to adapt to evolving threats and technologies, ensuring that we maintain a robust security posture.
• Protective monitoring type: Undisclosed
• Protective monitoring approach: We actively monitor our logs and set up real-time alerts to detect suspicious spikes or anomalies in activity. Our global team is available 24/7 to promptly investigate and determine the scope and impact of any detected incidents. Stakeholders are alerted through agreed-upon communication channels as soon as potential compromises are identified. Our protective monitoring processes are continuously reviewed and updated to stay ahead of new threats, leverage emerging technologies, and adapt to organizational changes, ensuring ongoing effectiveness and responsiveness.
• Incident management type: Undisclosed
• Incident management approach: Our incident management processes are designed to ensure a fast response to security incidents. Users can report incidents through e-mail. Our global team is committed to responding promptly to such reports. During an incident, we maintain open communication with stakeholders, providing regular updates on the situation and our progress towards resolution. Post-incident, we conduct thorough analyses to identify the root cause, assess the impact, and derive lessons learned. Incident reports, detailing these findings and actions taken, are then provided to stakeholders to ensure transparency and accountability. Our incident management processes are continuously reviewed and updated.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  Wellbeing

  Wellbeing

  Law enforcement agencies utilise our Location Estimation Service to analyse evidence and generate metadata for images and videos, expediting investigations.

Pricing

• Price: £2,150 a user a year
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: We provide a limited-time free trial of our cloud-based web app, giving users the chance to fully explore the features and performance. During this trial, users can test the model with their own media, experiencing firsthand how our AI model performs with their specific content.

Service documents

• Pricing document

  ODT

• Skills Framework for the Information Age rate card

  ODT

• Service definition document

  ODT

• Terms and conditions

  ODT

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at ed@rigr.ai. Tell them what format you need. It will help if you say what assistive technology you use.