We are committed to protecting the integrity, confidentiality, and availability of user data. This Security Policy outlines the measures we take to safeguard information processed through our Platform.
1. Data Storage and Infrastructure. All user data is stored using Amazon Web Services (AWS), with encryption for data at rest and in transit. We use Cloudflare to protect against threats such as distributed denial-of-service (DDoS) attacks and unauthorized access.
2. Access Control. Access to data is restricted to authorized personnel under role-based access controls and the principle of least privilege. We conduct regular audits of systems and access logs.
3. Monitoring and Risk Management. We maintain procedures to identify, report, and mitigate security incidents, including continuous monitoring and the application of security patches and updates.
4. Limitations. We employ advanced encryption and multi-layered security. Any data transmission over the internet carries inherent risk. We protect data within our systems but are not liable for breaches resulting from third parties or circumstances beyond our reasonable control.
5. Breach Notification. In the event of a personal data breach that may create relevant risk or harm, we will notify the competent supervisory authority and affected users within the timeframes required by applicable law — for Brazil, within three business days of confirming the incident (ANPD Resolution CD/ANPD No. 15/2024; doubled for small-size agents).
6. Data Protection Officer. For security or data-protection concerns, contact admin@knocknock.me.