Page

Security Measures Summary

Last updated on October 18, 2025

We are committed to protecting the security and privacy of your data. Below is an overview of the technical and organizational measures we implement to safeguard personal data processed through our services.

1. Data Encryption

All data is encrypted in transit using TLS 1.2 or higher.
Sensitive data is encrypted at rest using AWS-managed encryption algorithms.

2. Access Controls

Access to production systems and customer data is restricted to solely the 2 founders.
Role-based access controls (RBAC) are enforced.
Multi-factor authentication (MFA) is required for all administrative access.

3. Data Segregation

Customer data is logically separated to prevent unauthorized access between accounts.

4. Monitoring and Logging

Systems are continuously monitored for unauthorized access and unusual activity.
Security logs are retained and regularly reviewed.

5. Vulnerability Management

Regular vulnerability scans and security assessments are conducted.
Critical security patches are applied promptly.

6. Data Backup and Recovery

Regular backups are performed and securely stored.
Disaster recovery and business continuity plans are in place and tested periodically.

7. Sub-processor Security

We assess the security practices of all sub-processors before engagement.
Sub-processors are required to meet or exceed our security standards.

8. Incident Response

A documented incident response plan is in place.
Customers are notified without undue delay in the event of a data breach affecting their data.

Questions?

For more information about our security practices, please contact us.