Security Policy
Last Modified: January 2025
At Trobyx, we take security seriously. This policy outlines the measures we take to protect your data, our infrastructure, and the operational security of our services.
1. Data Protection
1.1 Encryption
- All data transmitted between your browser and our servers is encrypted using TLS 1.2 or higher.
- Data at rest is encrypted using industry-standard AES-256 encryption.
- Sensitive credentials (such as API keys and tokens) are hashed and salted.
2. Access Control
Access to production data is strictly limited to authorization personnel. We use multi-factor authentication (MFA) for all internal systems and enforce the principle of least privilege.
3. Compliance & Audits
We regularly conduct internal security audits and vulnerability assessments. Our infrastructure providers (AWS/Google Cloud) are SOC 2 and ISO 27001 certified.
4. Incident Response
We have a dedicated incident response team and a documented process for handling security events. In the event of a data breach, we will notify affected users within 72 hours of discovery, in accordance with GDPR and other applicable laws.
5. Vulnerability Reporting
If you believe you have found a security vulnerability in Trobyx, please report it to us immediately. We appreciate your help in keeping our platform safe.
