Security & compliance

We are committed to protecting customer data and maintaining appropriate security practices.

Security program

Provider applies industry-standard security practices designed to protect the confidentiality, integrity, and availability of systems and data.

Technical controls

Security measures include:
· Secure cloud infrastructure
· Encryption in transit (TLS)
· Role-based access controls
· Least-privilege access principles
· Regular system updates and patching

Organisational measures

· Access to production systems is restricted to authorised personnel
· Employees are subject to confidentiality obligations
· Security responsibilities are assigned and reviewed internally

Data handling

· Customer data is processed only in accordance with customer instructions
· Logical separation of customer data
· Provider does not sell customer data

Incident response

Provider maintains procedures to identify, respond to, and mitigate security incidents. Customers will be notified without undue delay of any data breach affecting their data, as required by law.

Compliance

Provider seeks to comply with applicable data protection laws, including GDPR where applicable, and supports customer compliance obligations contractually.

Certifications

Provider does not currently hold formal security certifications (such as SOC 2 or ISO 27001). Provider regularly evaluates its security posture and may pursue certifications as the business matures.

Contact

Security or compliance inquiries can be sent to security@leyrs.com.