Security Policy

Last updated: 24 June 2026

We are committed to protecting the integrity, confidentiality, and availability of user data. This Security Policy outlines the measures we take to safeguard information processed through our Platform.

1. Data Storage and Infrastructure

All user data is stored using Amazon Web Services (AWS), with encryption for data at rest and in transit. We use Cloudflare to protect against threats such as distributed denial-of-service (DDoS) attacks and unauthorized access.

2. Access Control

Access to data is restricted to authorized personnel under role-based access controls and the principle of least privilege. We conduct regular audits of systems and access logs.

3. Monitoring and Risk Management

We maintain procedures to identify, report, and mitigate security incidents, including continuous monitoring and the application of security patches and updates.

4. Limitations

We employ advanced encryption and multi-layered security. Any data transmission over the internet carries inherent risk. We protect data within our systems but are not liable for breaches resulting from third parties or circumstances beyond our reasonable control.

5. Breach Notification

In the event of a personal data breach that may create relevant risk or harm, we will notify the competent supervisory authority and affected users within the timeframes required by applicable law — for Brazil, within three business days of confirming the incident (ANPD Resolution CD/ANPD No. 15/2024; doubled for small-size agents).

6. Data Protection Officer

For security or data-protection concerns, contact admin@knocknock.me.