Skip to main content
Learn about Qwoty’s security practices and compliance. At Qwoty, safeguarding your data and ensuring compliance with industry standards are top priorities. This page outlines the measures we take to secure your information and maintain transparency about our security and compliance practices.

Our Commitment to Security

We’ve built a robust security framework to protect your data and ensure our systems meet high security standards. Our key security practices include:
  • Data encryption: We use advanced encryption protocols to secure data in transit and at rest.
  • Access control: Role-based access controls and multi-factor authentication (MFA) restrict access to authorized personnel only.
  • Security testing: Regular penetration testing and vulnerability assessments help identify and mitigate potential risks.
  • Incident management: A dedicated incident response team ensures swift and effective handling of any security incidents.

Compliance Standards

Qwoty complies with globally recognized security and privacy standards, demonstrating our commitment to protecting your data.

GDPR

Qwoty complies with the General Data Protection Regulation (GDPR), ensuring transparency and lawful processing of personal data. Key measures include:
  • Data rights: Users have access, modification, and deletion rights for their personal data.
  • Privacy by design: Data protection is integrated into every aspect of our operations.
  • Vendor management: Third-party processors are vetted to ensure they meet GDPR requirements.

How We Protect Your Data

Qwoty’s security approach encompasses multiple layers:
  1. Network security
    • Firewalls, intrusion detection/prevention systems, and regular vulnerability scans.
    • Network segmentation to isolate sensitive systems.
  2. Application security
    • Secure software development lifecycle (SDLC) practices.
    • Continuous monitoring for suspicious activity and vulnerabilities.
  3. Data protection
    • Encryption of all sensitive data in transit and at rest.
    • Regular backups stored securely to prevent data loss.

Responsible Disclosure Policy

If you discover a security vulnerability in Qwoty, we encourage you to report it responsibly:
  • How to report: Email details to security@qwoty.io with clear reproduction steps.
  • Response timeline: We acknowledge receipt within one week and work promptly toward a fix.
  • Guidelines: Avoid accessing unauthorized data, disrupting services, or sharing the vulnerability publicly before resolution.
This policy covers the Qwoty application hosted at https://qwoty.app and any associated subdomains or services. Please note that we do not accept vulnerability reports related solely to our marketing website (https://qwoty.io), as it does not contain sensitive data. Thank you for helping us keep Qwoty secure.