1. Security Commitment
We are committed to protecting system and user data by applying internationally recognized security measures.

2. Technical Measures

• Use of HTTPS/SSL encryption for all data transmissions.
• Encryption of sensitive data in the database.
• Firewall protection, DDoS mitigation, and 24/7 system monitoring.
• Regular updates of software, frameworks, and security libraries.

3. Access Control

• Multi-Factor Authentication (MFA) for administrators.
• Access rights limited according to the principle of “least privilege.”
• Logging and monitoring of login and critical actions.

4. Data Backup and Recovery

• Data is regularly backed up and stored securely.
• Disaster Recovery (DR) plan in place to ensure business continuity.

5. Vulnerability Management

• Regular security assessments (penetration testing, vulnerability scans).
• Established process to receive and respond to external vulnerability reports.

6. User Responsibilities

• Users must keep their login information confidential and not share accounts.
• Immediately notify us if unauthorized access is detected.