Security Policy
Last updated: 24 June 2026
We are committed to protecting the integrity, confidentiality, and availability of user data. This Security Policy outlines the measures we take to safeguard information processed through our Platform.
1. Data Storage and Infrastructure
All user data is stored using Amazon Web Services (AWS), with encryption for data at rest and in transit. We use Cloudflare to protect against threats such as distributed denial-of-service (DDoS) attacks and unauthorized access.
2. Access Control
Access to data is restricted to authorized personnel under role-based access controls and the principle of least privilege. We conduct regular audits of systems and access logs.
3. Monitoring and Risk Management
We maintain procedures to identify, report, and mitigate security incidents, including continuous monitoring and the application of security patches and updates.
4. Limitations
We employ advanced encryption and multi-layered security. Any data transmission over the internet carries inherent risk. We protect data within our systems but are not liable for breaches resulting from third parties or circumstances beyond our reasonable control.
5. Breach Notification
In the event of a personal data breach that may create relevant risk or harm, we will notify the competent supervisory authority and affected users within the timeframes required by applicable law — for Brazil, within three business days of confirming the incident (ANPD Resolution CD/ANPD No. 15/2024; doubled for small-size agents).
6. Data Protection Officer
For security or data-protection concerns, contact admin@knocknock.me.