Incident Communication
Yes, we have a defined approach for notifying clients in the event of a security incident that could potentially impact their data or systems.
Notification Criteria: We commit to notifying affected clients within 24 hours of confirming a security incident that involves unauthorized access, data exposure, or any compromise of customer-facing systems. This is done to ensure transparency, enable customer-side risk mitigation, and uphold our security responsibilities.
Communication Method: Clients are notified via email, and our support team remains available to address any questions, concerns, or clarification requests. Clients are encouraged to reach out at any time during or after the incident response process.
Responsibility & Review: Security incidents are reviewed by our internal engineering and security leads, and decisions to notify customers are based on the severity and potential impact of the incident.
This process complements our broader SLA commitments around uptime, maintenance, and operational transparency, and reflects our priority to protect user data and maintain trust.
