How We Protect the Platform and Respond to Security Incidents
We take security seriously. Our systems are designed to prevent breaches — but if one occurs, we act fast to contain and resolve it while keeping you informed.
Incident Response Plan
- Prepared Protocols – A documented response plan outlines how we detect, contain, and resolve security incidents.
- Compliance-Driven – We follow the Notifiable Data Breach scheme and relevant privacy laws.
Breach Notification
- Timely Updates – If your data is affected, we notify you without delay.
- Clear Communication – Notifications explain what happened, what data was involved, and what’s being done.
Penetration Testing
- Internal Assessments – Our technical team conducts regular penetration tests against our platform, including web applications, APIs, and infrastructure components, using industry-standard tools and methodologies.
- OWASP-Based Methodology – Testing is guided by the OWASP Top 10 and includes checks for authentication flaws, injection vulnerabilities, misconfigurations, access control issues, and more.
- Risk-Based Remediation – Any identified issues are triaged by severity and resolved promptly. We maintain internal records of findings and remediation actions.
- Part of Ongoing Security Posture – Penetration testing is integrated into our broader security process alongside code reviews, automated vulnerability scans, and patch management.