Security Notice

Last updated: 27/12/2024

This Security Notice explains how Acme Corporation ("we", "us", or "our") implements security measures to protect your data and ensure the safety of our website at susreg.com (the "Site").

Data Security

We take data security seriously and use these measures to protect your information:

  • Encryption: We use TLS 1.3 for data in transit and AES-256 encryption at rest.
  • Access Controls: Role-based access control (RBAC) restricts access to sensitive data. Access is reviewed and revoked when no longer needed.
  • Data Storage: Data is stored on secure servers in US-based AWS data centers.
  • Data Retention: Account information is retained for 90 days after account closure for fraud prevention purposes. Website usage logs are retained for 6 months for analytics and performance monitoring. For detailed information, see our Privacy Policy.
  • Security Assessments: Quarterly penetration testing, vulnerability scanning, and annual third-party audits.
  • Data Minimization: We collect minimal necessary data and anonymize or delete it when no longer needed.

Cybersecurity

Our cybersecurity practices protect against various threats:

  • Firewalls & Intrusion Detection: AWS WAF and Cloudflare protect against malicious traffic.
  • Software Updates: Automatic security updates address vulnerabilities.
  • Secure Development: Security is integrated into our software development lifecycle (SDL).
  • Employee Training: Regular training keeps employees informed on security.
  • Vendor Security: Third-party vendors adhere to strict security standards. See our Vendor Security Policies.
  • Incident Response: Our Incident Response Plan details how we manage security incidents.

Data Breach Notification

In case of a data breach:

  • We'll notify affected users as legally required.
  • We'll investigate and contain the breach.
  • We'll take preventive measures for the future.
  • We'll cooperate with authorities.

Your Responsibilities

You also play a role in security:

  • Strong Passwords: Use strong, unique passwords.
  • Two-Factor Authentication (2FA): Enable 2FA whenever available.
  • Phishing Awareness: Be wary of suspicious links or requests for information.

Reporting Security Vulnerabilities

If you find a security issue, please report it responsibly via email to security@susreg.com. For detailed instructions, visit our Vulnerability Reporting Page.

Security researchers can also find our contact details in the security.txt file.

Contact Us

If you have any questions or concerns about our security practices, or if you believe you have discovered a security vulnerability, please contact us using the Contact form below.