[ menu ]
Get In Touch

Explore
Privacy Policy

Effective Date: 23.04.2023
image alt
Navigation:
Navigation

    Privacy & Security Policy

    At EchoTechVR, we prioritize the security and protection of your data. This section outlines our approach
    to security, incident management, vulnerability management, and third-party processor management, ensuring
    compliance with industry standards and best practices.

    1. Security Measures

    We implement industry-standard security protocols to protect your personal and business data from unauthorized
    access, disclosure, alteration, and destruction.

    Infrastructure & Hosting

    • Our platform is hosted on Amazon Web Services (AWS), utilizing their secure cloud environment, which
      is ISO 27001, SOC 2, and PCI DSS compliant.
    • AWS security features, including Virtual Private Cloud (VPC), firewalls, and automated backups, ensure
      data integrity and availability.
    • We leverage AWS’s Identity and Access Management (IAM) policies to enforce strict access controls.

    Data Protection & Security

    • Encryption: All sensitive data is encrypted in transit (TLS 1.2/1.3) and at rest (AES-256).
    • Access Controls: We enforce role-based access control (RBAC) to restrict data access to authorized
      personnel only.
    • Network Security: We deploy firewalls, intrusion detection systems (IDS), and AWS Shield for DDoS
      protection.
    • Secure Authentication: Multi-factor authentication (MFA) is required for internal system access.
    • Regular Security Audits: We conduct internal and external security reviews to maintain system integrity.

    2. Incident Management Policy

    EchoTechVR follows a structured incident response plan to detect, investigate, and mitigate security breaches.

    Incident Response Process

    • Detection & Reporting: AWS monitoring tools (e.g., CloudTrail, GuardDuty) and internal security
      measures help detect anomalies.
    • Investigation & Containment: Our security team promptly assesses incidents and mitigates risks.
    • User Notifications: If a breach affects user data, affected parties will be notified as per GDPR, CCPA, and
      other applicable regulations.
    • Post-Incident Review: After an incident, we conduct a root cause analysis (RCA) and implement corrective
      actions to prevent recurrence.

    For security concerns, users can contact our security team at info@echotechvr.com