Security at ZÜMI

This document outlines the key security measures and policies implemented at ZÜMI to ensure the safety and privacy of end users’ data.

1. Data Protection and Privacy

  • Encryption-at-Rest: All user data is encrypted when stored on ZÜMI servers using industry-standard AES-256 encryption, ensuring that data remains protected even in the event of unauthorized access to storage systems.

  • Encryption-in-Transit: ZÜMI uses TLS (Transport Layer Security) 1.2 or higher to encrypt all data transmitted between the client’s device and our servers, preventing eavesdropping or interception by malicious actors.

  • Privacy Policy: Our privacy policy outlines how user data is collected, used, stored, and protected. Users can access this policy at any time via our website (https://yourzumi.com/privacy-policy/).

  • Cookies: Our software uses cookies to enhance user experience and track necessary metrics. Users are informed about cookie usage through a cookie banner and can manage their preferences (https://yourzumi.com/privacy-policy/).

  • Data Privacy Officer (DPO): We have appointed a DPO to oversee compliance with data protection laws and handle any user inquiries regarding their data privacy rights. Please email legal@yourzumi.com.

2. Access Control and User Management

  • Role-Based Access Control (RBAC): RBAC ensures that users only have access to the data and functionalities necessary for their role. Permissions are predefined based on user roles (e.g., Admin, User, Viewer), limiting the risk of unauthorized actions or data exposure.

  • Password Security: We enforce strong password policies, including minimum length and complexity requirements. Multi-factor authentication (MFA) is enforced and encouraged on key services.

  • Data Access: Access to user data is strictly controlled and limited to authorized personnel. All access is logged and monitored for compliance.

3. Infrastructure and Physical Security

  • AWS: ZÜMI’s infrastructure is hosted on AWS, which offers cutting-edge solutions for modern application hosting. AWS provides automatic scaling, globally distributed edge networks, and built-in security features, ensuring robust protection against threats.

  • Separate Production and Development Environments: Production environments are completely isolated from development and staging environments to prevent unauthorized access and data leakage during development or testing.

  • Disk Encryption: All disks used in our servers, including backups, are encrypted using AES-256 to ensure the safety of stored data.

4. Threat Detection and Incident Response

  • Threat Detection: Our system is continuously monitored for threats using advanced tools, including Intrusion Detection Systems (IDS).

  • Web Application Firewall (WAF): We implement a WAF to protect against common web vulnerabilities such as SQL injection, cross-site scripting (XSS), and other threats.

  • Anti-DDoS Protections: Our system is protected against Distributed Denial of Service (DDoS) attacks through the use of advanced traffic filtering, rate limiting, and third-party DDoS protection services.

  • Logging: Comprehensive logging mechanisms track user activity, administrative actions, and system events. Logs are reviewed regularly for unusual patterns and retained according to our data retention policy.

  • Incident Response Plan: A detailed incident response plan is in place to manage and mitigate the impact of security incidents.

5. Compliance and Transparency

  • Regular Security Audits: Third-party security audits are conducted to identify and remediate vulnerabilities.

  • Backup and Recovery: Regular backups are taken and stored securely to ensure quick recovery in case of data loss or system failure.


This document will be updated periodically to reflect any changes or improvements in our security measures. For any questions or concerns, please contact ZÜMI’s support team or Data Privacy Officer.