Encryption
- In transit: TLS 1.3 for all connections
- At rest: AES-256 encryption for all customer data
Access Control
- Role-Based Access Control (RBAC) with least-privilege defaults
- Multi-Factor Authentication (MFA) enforced for admins
- SSO via SAML for enterprise plans
Infrastructure
Hosted on tier-1 cloud providers with SOC 2 Type II certified data centers in India.
Backups
Daily encrypted backups with 30-day retention and geographic redundancy.
Incident Response
24/7 monitoring with a documented incident response plan and 72-hour breach notification aligned with DPDP Act.
Contact
Security queries: info@compliancehq.in
