Security & Compliance

1. Infrastructure & Hosting

Our Platform is hosted on secure cloud infrastructure (AWS/Azure/GCP) with redundancy, automated backups, and disaster recovery. Data centers are ISO 27001 and Tier-III+ certified, with strong physical security controls.

2. Data Encryption

• In Transit: All data is encrypted using TLS 1.2+ (HTTPS).
• At Rest: Databases use AES-256 encryption. Passwords are hashed using bcrypt/argon2.

3. Access Control

• Role-based access control (RBAC) with least-privilege principle.
• Multi-factor authentication (MFA) available for accounts.
• Strict approval process for employee access to production data.

4. Application Security

• Secure coding practices aligned with OWASP Top 10.
• Regular penetration tests and vulnerability scans.
• Continuous patch management and threat monitoring.

5. Compliance & Legal

• Compliant with the Indian Digital Personal Data Protection Act, 2023.
• GDPR-aligned practices for EU customers.
• Data Processing Addendum (DPA) available for enterprise customers.

6. Privacy & Confidentiality

We never sell customer data. Processing is done strictly per our Privacy Policy. Customers always retain ownership of their CRM data.

7. Incident Response

We maintain a Security Incident Response Policy. In the event of a breach, affected Customers will be notified promptly with details and remediation steps.

8. Audit & Monitoring

Real-time monitoring, intrusion detection systems, and log retention policies are in place. Regular third-party audits validate our controls.

9. Employee Security

Employees undergo background verification and continuous security training. Access to sensitive systems is strictly controlled and logged.

10. API & Integration Security

APIs use OAuth2 / API keys with rate limiting. All responses are encrypted, and abuse is prevented through throttling and monitoring.

11. Availability & SLA

We target 99.9% uptime with proactive monitoring and redundancy. A public status page will be made available for transparency.

12. Customer Responsibilities

• Enable MFA and follow strong password practices.
• Manage internal user access rights responsibly.
• Ensure compliance of uploaded data with applicable laws.

13. Certifications & Roadmap

We are actively pursuing:

• ISO 27001 certification.
• SOC 2 Type II audit.
• Regular external penetration testing and compliance reviews.

14. Contact Security Team

To report vulnerabilities or security concerns:
📧 security@brijik.com
📞 9987565669
🏢 Mumbai, India