Security Policy
Trust is the foundation of FoodsLinkX. This document outlines the technical measures we implement to protect your data.
1. Data Encryption
We utilize enterprise-grade encryption to protect your data both when it is being transmitted and when it is stored.
2. Infrastructure Security
FoodsLinkX is hosted on top-tier cloud providers (e.g., AWS/Vercel) that maintain rigorous physical and logical security controls.
- DDoS protection and Web Application Firewall (WAF) enabled.
- Network segregation using Virtual Private Clouds (VPC).
- Regular system patching and dependency updates.
3. Access Control
We strictly limit access to your data based on the principle of least privilege.
- Role-Based Access Control (RBAC): Employees only access data necessary for their role.
- Multi-Factor Authentication (MFA): Enforced for all internal administrative access.
- Audit Logs: All internal access to production data is logged and monitored.
4. Payment Security
We do not store your credit card information on our servers.
All payments are processed securely by PCI-DSS Level 1 compliant payment providers. We only retain a token for recurring billing.
5. Audits & Monitoring
We employ continuous monitoring to detect and respond to threats in real-time.
- Automated vulnerability scanning of code and infrastructure.
- 24/7 logging of system health and security events.
- Annual third-party security assessments.
6. Incident Response
In the unlikely event of a security breach, we have a detailed Incident Response Plan. Our team is trained to identify, contain, and mitigate threats immediately. We are committed to notifying affected users within 72 hours of confirming a data breach.
7. Backups & Recovery
We ensure your business continuity through robust backup strategies.
- Daily BackupsAutomated encrypted backups of all databases.
- RedundancyData replicated across multiple availability zones.
- Retention30-day point-in-time recovery capability.
- TestingRegular drills to verify restoration integrity.
8. Employee Training
Security is a human effort. All FoodsLinkX employees undergo mandatory security awareness training upon hire and annually thereafter. This includes phishing simulations, secure coding practices, and data handling procedures.
9. Vulnerability Disclosure
We value the security research community. If you believe you have found a vulnerability in FoodsLinkX, please report it to us immediately. We pledge to investigate all reports and resolve confirmed issues promptly.
10. Contact Security
If you have questions about our security practices or need to report an incident, please contact our security team directly.