99exch Logo
Login

Security & Data Protection Policy

Security & Data Protection Policy

1. Purpose

This Policy explains technical and organizational measures implemented by my99exch.id to protect user data against unauthorized access, alteration, or loss.

2. Security Principles

Our approach is based on four pillars: Confidentiality, Integrity, Availability, and Accountability. Every employee and contractor must follow these principles.

3. Encryption & Transmission Control

  • All communications use HTTPS with SSL/TLS encryption.

  • Passwords and sensitive tokens are hashed and salted.

  • We discourage sending PII through unsecured channels like WhatsApp.

4. Server Security

Our servers are hosted in tier-III data centres with:

  • Firewalls and intrusion-detection systems;

  • 24/7 monitoring for anomalous activity;

  • Regular patch and backup cycles.

5. Access Control

User data access is restricted to authorized personnel only. Multi-factor authentication and role-based permissions apply.

6. Data Retention and Deletion

Personal data is retained only for necessary periods defined in our Privacy Policy. Upon expiry, data is securely erased or anonymized.

7. Incident Response Plan

In case of suspected breach:

  1. Incident is logged and assigned a severity level.

  2. Containment and forensic analysis begin within 24 hours.

  3. Users are notified if there’s risk to their rights.

8. Third-Party Processors

When we engage service providers (hosting, analytics, email), we evaluate their security certifications (ISO 27001, SOC 2) and require data-processing agreements.

9. User Responsibilities

Users should:

  • Use strong passwords and update them regularly.

  • Avoid public Wi-Fi for login sessions.

  • Report suspicious emails to support@my99exch.id.

10. Continuous Monitoring & Review

We perform quarterly security audits and penetration tests. Findings inform policy revisions and technical improvements.

11. Compliance

Our security measures comply with relevant data-protection laws including the Indian Digital Personal Data Protection Act 2023 and GDPR principles for cross-border data handling.

12. Updates

This policy is reviewed semi-annually and updated as technology or law changes.

Summary: my99exch.id uses industry-grade security protocols to protect user data and continuously monitors systems for compliance and safety.

WhatsApp Get ID Now