Privacy Policy

Last Updated Date : 08/26/2020

We at ("," "we," "us," "our") know that our users ("you," "your") care about how your personal information is used and shared, and we take your privacy seriously. Please read the following Privacy Policy (the "Privacy Policy"). By visiting or using the website or application, and any other linked pages, features, content, or any other services we offer from time to time in connection therewith (collectively, ""), you acknowledge that you accept the practices and policies outlined in this Privacy Policy, and you hereby consent that we will collect, use, and share your information in the following ways. This Privacy Policy only applies to products and services related to; other products and services provided by may be governed by separate privacy policies.

Data Protection Policy

Network Protection

Virtual network resources are protected by Next Gen Firewall. Firewall deny access to unauthorized IP addresses. Public access to the database through the network is disabled and standard ports are closed.

Access Management

We assign a unique ID to each person with computer access to Amazon Information. Access rights are provided to employees based on their role within the company and are progressive, based on their responsibility. The list of people and services with access to Amazon Information are reviewed on a regular basis, and remove accounts that no longer require access by system developers.

Encryption in Transit

All data in transit must be accomplished over TLS/HTTPS. In the case we are working with legacy systems, we highly recommend converting to HTTPS, as we must enforce this security control on all applicable external endpoints used by customers as well as internal communication channels and operational tooling. Unsecured communication channels will be disabled.

Incident Response Plan

Plans and Tooling will be in place to detect and handle security incidents, which identify the incident response roles and responsibilities, define incident types that may impact third-parties, define incident response procedures for defined incident types, and define an escalation path and procedures to escalate Security Incidents to respective parties. Such Plans and Tooling will be reviewed and verify the plan every 6 months. Data breaches require the client (customer), users, third-party APIs and all other parties to be notified within 24 hours.

Request for Deletion and Return

We will respond with data requests within 72 hours and you may ask for data to be permanently deleted, with written confirmation after it is completed.

Encryption and Storage

All PII data is stored in an encrypted (AES-256, or RSA with 2048-bit key size). The cryptographic materials and cryptographic capabilities used for encryption will only accessible to the our processes and services, and will never be shared. Data will never be persisted using removable media (e.g., USB) or unsecured public cloud applications (e.g., public links made available through Google Drive) unless their is written consent via the client.

Logging and Monitoring

We have our own proprietary logging and monitoring system which gathers logs to detect security-related events to Applications and systems. All logs are only accessible privately by us and we prevent any unauthorized access and tampering throughout their lifecycle. Our internal system contains mechanisms to monitor the logs and all system activities to trigger investigative alarms on suspicious actions. In case their is an incident, it will be dealt with in accordance with our Incident Response Plan. Anomalies are detected by scanning user activity. The risk is evaluated by looking at over 30 different risk indicators, grouped into risk factors, as follows:
- Risky IP address
- Login failures
- Admin activity
- Inactive accounts
- Location
- Impossible travel
- Device and user agent
- Activity rate
Based on the policy results, security alerts are triggered. App Security looks at every user session on the system.

What information does collect?

We DO NOT collect and store any information in our website.

How does use cookies?

A cookie is a string of information that a website stores on a visitorís computer, and that the visitorís browser provides to the website each time the visitor returns. We use cookies to identify and track visitors, their usage of our website, and their website access preferences. We also use cookies to help us to improve the performance of our website to provide you with a better user experience.

Will share any of the information it receives?

We neither rent nor sell your Personal Information to anyone. We DO NOT share your Personal Information (in personally identifiable form) with third parties

Protection of and others

We may release Personal Information when we believe in good faith that release is necessary to comply with the law or in response to any request from any law enforcement agency or other governmental organization; to enforce or apply our conditions of use and other agreements; or to protect the rights, property, or safety of, our employees, our users, or others. This includes exchanging Personal Information with other companies and organizations for fraud protection and credit risk reduction.

Changes to this privacy policy

We may amend this Privacy Policy from time to time. Use of information we collect is subject to the Privacy Policy in effect at the time such information is used. If we make changes in the way we use Personal Information, we will post the changes to the website and/or send you an email prior to the change becoming effective.