Last Updated: September 2025

IbexBit LLC (“IbexBit,” “we,” “our”) is committed to maintaining strong security practices to protect the confidentiality, integrity, and availability of information entrusted to us. This Security & Data Protection Policy outlines the measures we take to safeguard client data, internal systems, and digital assets.

1. Our Security Commitment

We follow industry-standard practices to protect information from unauthorized access, misuse, loss, or disclosure. Our approach is based on:

• Preventive security measures
• Continuous monitoring
• Risk-based assessment
• Secure development practices
• Regular updates and maintenance

Security is an essential part of our operations and service delivery.

2. Data Handling & Storage

a) Access Control

Access to client information is strictly limited to authorized personnel who require it for operational purposes.

b) Data Storage

Client data may be stored in:

• Secure cloud environments
• Encrypted databases
• Access-controlled internal systems

We select reputable cloud providers that maintain strong security certifications (e.g., SOC 2, ISO 27001).

c) Data Minimization

We collect and store only the information necessary to provide our services.

3. Encryption

a) Data in Transit

We use industry-standard encryption (e.g., HTTPS/TLS) for all data transmitted between clients, servers, and internal systems.

b) Data at Rest

Sensitive information stored in our systems or cloud platforms is encrypted to prevent unauthorized access.

4. Secure Development Practices

As a technology company, we apply secure coding and development practices:

• Use of modern frameworks with built-in security features
• Internal code reviews before deployment
• Regular patching and updates
• Environment separation (development, testing, production)
• Dependency and vulnerability scanning

These practices help maintain stable, secure software systems.

5. Monitoring & Incident Response

We maintain structured processes to detect and respond to potential security issues:

Monitoring

• System activity logs
• Access tracking
• Alerts for suspicious behavior

Incident Response

If a security event occurs:

• The issue is immediately investigated
• Impact assessment is performed
• Affected systems are secured
• Necessary notifications are made
• Preventive measures are implemented to avoid recurrence

6. Third-Party Services

Some parts of our operations rely on trusted third-party providers such as:

• Cloud infrastructure providers
• Analytics tools
• Payment processors
• Email or communication platforms

We carefully vet partners to ensure they follow reliable security practices. However, IbexBit cannot control the security of systems outside our infrastructure. IbexBit does not store or process payment card or banking information on its own systems.

7. Employee Practices

All internal team members are required to:

• Use secure authentication methods
• Follow password and device security guidelines
• Access only the data required for their role
• Maintain confidentiality of client information

Internal access is monitored and reviewed periodically.

8. Client Responsibilities

To maintain secure communication and service delivery, clients should:

• Provide accurate information
• Keep access credentials confidential
• Notify us of unauthorized activity
• Ensure their own systems follow basic security practices

Security is a shared responsibility between IbexBit and each client.

9. Data Retention & Deletion

Client data is retained only as long as necessary to deliver services or as required by law. Upon request, we can delete or anonymize data, subject to contractual or legal obligations.

10. Updates to This Security Policy

We may update this policy periodically to reflect:

• Evolving security practices
• Changes in technology
• Compliance requirements

The most recent version will always be posted on this page.

11. Contact Information

If you have questions about our security practices, contact us:

Company:IbexBit LLC

Email: contact@ibexbit.com