Incident Response

Security Incident Response

We maintain a comprehensive incident response program to detect, respond to, and recover from security incidents while keeping our customers informed.

Our Commitment

In the event of a security incident affecting your data, we commit to:

Notify affected data controllers within 72 hours of confirmed breach
Provide clear information about the nature and scope of the incident
Share steps we are taking to contain and remediate the issue
Cooperate fully with your incident response and regulatory requirements

Incident Classification

Critical (P1)

Active data breach, system compromise, or service unavailability affecting all users

Response: Immediate (within 1 hour)

Notification: Within 24 hours to affected parties

High (P2)

Potential data exposure, significant security vulnerability, or major service degradation

Response: Within 4 hours

Notification: Within 72 hours to affected parties

Medium (P3)

Security anomaly, minor vulnerability, or limited service impact

Response: Within 24 hours

Notification: As appropriate based on impact

Low (P4)

Informational security event, potential improvement area

Response: Within 72 hours

Notification: Typically not required

Response Process

Phase 1

Detection & Triage

Automated monitoring and alerting systems detect anomalies. On-call engineers assess severity and classify the incident.

Phase 2

Response Team Assembly

Incident commander assembles response team including security, engineering, and communications personnel as needed.

Phase 3

Containment & Mitigation

Immediate actions to contain the incident, prevent further impact, and begin mitigation measures.

Phase 4

Communication

Notify affected customers and stakeholders with clear information about the incident and our response.

Phase 5

Recovery & Review

Restore normal operations, conduct post-incident review, implement improvements to prevent recurrence.

Communication Channels

During an incident, we communicate through the following channels:

Email Notification

Direct email to account administrators and designated security contacts

Status Page

Real-time updates on service status and incident progress

In-App Notification

Banner notifications for active incidents affecting your usage

Post-Incident Report

Detailed report with root cause analysis and preventive measures

Report a Security Issue

If you discover a security vulnerability or believe your data may have been compromised, please contact our security team immediately.

Contact Security Team