This Information Security Policy summarizes the administrative and technical approach applied to protect Durgan Interact accounts, interaction data, recipient data and platform operations.
1) Purpose and scope
The purpose is to protect the confidentiality, integrity and availability of information processed through the platform. The policy covers account data, recipient lists, interaction content, responses, files, payment notices, API keys, logs and operational records.
2) Access control
Access to application functions is managed through authentication, user permissions, plan features and account boundaries. Users are responsible for keeping passwords, API keys and access tokens confidential and for reporting suspected unauthorized access without delay.
3) Technical and administrative measures
Durgan Interact applies reasonable measures such as encrypted transport where applicable, password hashing, role-based authorization, API key control, input validation, audit logging, backup practices, update management and separation of operational responsibilities.
4) Logging and monitoring
System logs, sending logs, audit records, API usage records and error records may be kept for security, abuse prevention, troubleshooting, dispute review and legal obligations.
5) Supplier and third-party services
The platform may use third-party services for hosting, email delivery, storage, backup, security and support. These services are selected and used considering service continuity, security and legal requirements.
6) Incident handling
Security incidents are evaluated according to their effect on confidentiality, integrity and availability. Corrective actions may include restricting accounts, rotating credentials, disabling suspicious access, notifying affected parties where required and improving controls.
7) No absolute guarantee
No electronic system can provide absolute security. This policy describes the intended security approach and does not constitute a separate certification or uninterrupted service commitment unless explicitly agreed in writing.