Sign In Get Started

Security Policy

Last Updated: January 28, 2026

Effective Date: January 28, 2026

Legal Documents

Data centers with SOC 2 Type II certification
Physical security controls (biometric access, CCTV, guards)
Redundant power, cooling, and network connectivity
Geographic redundancy for disaster recovery

Enterprise firewalls and intrusion detection/prevention
DDoS protection and mitigation
Network segmentation and access controls
24/7 security monitoring

TLS 1.3 encryption for data in transit
AES-256 encryption for data at rest
Key management using hardware security modules (HSM)
Secure backup and recovery procedures

Secure software development lifecycle (SSDLC)
Regular code reviews and static analysis
Annual penetration testing by third parties
Vulnerability scanning and patching

Multi-factor authentication (MFA) for all staff
Role-based access control (RBAC)
Regular access reviews and least privilege
Comprehensive audit logging

Documented incident response procedures
24/7 security team on-call
Customer notification within 72 hours of confirmed breach
Post-incident analysis and remediation

Questions about our policies?

Our legal and compliance team is available to address any questions or concerns regarding our policies.

Contact Legal Team General Support