Security Policy - Elbenscha

Our Security Commitment

Elbenscha implements enterprise-grade security protocols to safeguard your data. Our policies comply with ISO 27001, SOC 2 Type II, and GDPR standards, ensuring maximum protection for both customers and our systems.

📅 Effective: 2025-09-18 🕒 Last Revised: 2025-09-16

Technical Security Measures

• AES-256 encryption for data at rest and in transit
• Multi-Factor Authentication (MFA) for all user accounts
• Regular penetration testing by certified third parties
• Zero Trust Architecture for network access control
• Automated threat detection with AI-powered monitoring

Data Protection

Personal data is pseudonymized and never stored in plain text.

All sensitive communications use TLS 1.3 with certificate pinning.

Session tokens expire after 24 hours of inactivity.

Security Incident Response

24/7 monitoring via AI-driven anomaly detection

Containment within 1 hour of verified threat detection

Full incident report delivered to affected users within 72 hours

All security patches applied within 6 hours of critical vulnerability discovery

Third-Party Integrations

🔒

Google Analytics

Anonymized IP addresses with GDPR-compliant tracking

💳

Stripe

PCI DSS Level 1 compliant payment handling