Security & Trust

Your data security is our top priority

Our Commitment to Security

Lorem ipsum dolor sit amet, consectetur adipiscing elit. At Tajo, we implement industry-leading security measures to protect your data and ensure the highest standards of privacy and compliance.

🔒 Data Encryption

Lorem ipsum dolor sit amet, consectetur adipiscing elit. All data is encrypted in transit using TLS 1.3 and at rest using AES-256 encryption.

🛡️ GDPR Compliant

Duis aute irure dolor in reprehenderit. Fully compliant with GDPR, CCPA, and other international data protection regulations.

🔐 Access Control

Sed ut perspiciatis unde omnis iste. Role-based access control (RBAC) and multi-factor authentication (MFA) for enhanced security.

📊 Regular Audits

Nemo enim ipsam voluptatem. Regular security audits and penetration testing by independent third parties.

Compliance & Certifications

Neque porro quisquam est, qui dolorem ipsum quia dolor sit amet. Tajo maintains the following certifications and compliance standards:

  • GDPR - General Data Protection Regulation compliance
  • CCPA - California Consumer Privacy Act compliance
  • SOC 2 Type II - [In Progress/Completed]
  • ISO 27001 - [In Progress/Completed]

Data Processing

Data Location

Ut enim ad minima veniam, quis nostrum exercitationem. All customer data is stored in secure, geographically distributed data centers.

Data Retention

Quis autem vel eum iure reprehenderit. We retain customer data in accordance with our data retention policy and applicable regulations.

Data Deletion

At vero eos et accusamus et iusto odio. Customers can request data deletion at any time through their account settings or by contacting support.

Security Best Practices

Infrastructure Security

  • Cloud infrastructure hosted on enterprise-grade providers
  • Automated backups with point-in-time recovery
  • DDoS protection and web application firewall
  • Network segmentation and isolation

Application Security

  • Secure coding practices and code reviews
  • Automated security scanning in CI/CD pipeline
  • Regular dependency updates and vulnerability patching
  • Input validation and output encoding

Operational Security

  • 24/7 security monitoring and incident response
  • Employee security training and awareness programs
  • Background checks for all employees with data access
  • Comprehensive logging and audit trails

Incident Response

Similique sunt in culpa qui officia deserunt. In the unlikely event of a security incident, we have a comprehensive incident response plan that includes:

  1. Immediate detection and containment
  2. Impact assessment and analysis
  3. Customer notification (as required by law)
  4. Remediation and prevention measures
  5. Post-incident review and improvement

Third-Party Security

Et harum quidem rerum facilis est. We carefully vet all third-party service providers and require them to maintain security standards equivalent to our own.

Brevo Integration Security

Our integration with Brevo follows industry best practices for API security, including:

  • Secure API key management
  • Encrypted data transmission
  • Minimal data sharing (only what's necessary)
  • Regular security reviews of integration points

Report a Security Issue

If you discover a security vulnerability, please report it responsibly to:

  • Email: [email protected]
  • We commit to acknowledging reports within 24 hours
  • We maintain a responsible disclosure policy

Questions?

For questions about our security practices, please contact: