Security Policy
Effective Date: February 14, 2025
Introduction
At Official Unofficial, Inc. ("Company," "we," "us," or "our"), security is a top priority. This Security Policy outlines the measures we take to protect our systems and your data when you use our website, application, or services (collectively, the "Services").
Our Security Practices
Infrastructure Security
- Cloud Security: Our infrastructure is hosted on secure cloud platforms that maintain industry-standard certifications (e.g., ISO 27001, SOC 2).
- Network Security: We employ firewalls, intrusion detection systems, and network monitoring to protect our network perimeter.
- Regular Updates: We regularly update our systems and software with the latest security patches.
Data Protection
- Encryption: We use industry-standard encryption protocols (TLS) to protect data in transit. Sensitive data at rest is encrypted using strong encryption algorithms.
- Access Controls: We implement strict access controls and follow the principle of least privilege. Access to production systems and customer data is limited to authorized personnel only.
- Backup Procedures: We maintain regular backups of critical data to prevent data loss in case of technical failures.
Vulnerability Disclosure
We appreciate the work of security researchers in improving the security of our Services. If you believe you have discovered a security vulnerability, we encourage you to report it to us responsibly.
How to Report
Please send vulnerability reports to security@officialunofficial.com. Your report should include:
- A clear description of the vulnerability
- Steps to reproduce the issue
- Potential impact of the vulnerability
- Any supporting materials (e.g., screenshots, logs)
What to Expect
- We will acknowledge receipt of your report within 48 hours.
- We will investigate all legitimate reports and do our best to address any issues in a timely manner.
- We will keep you informed about our progress in resolving the issue.
- We will recognize your contribution if you are the first to report a unique vulnerability and work with us during remediation.
User Security Recommendations
While we implement strong security measures on our end, security is a shared responsibility. We recommend the following practices to enhance your security:
- Keep your devices and software up to date with the latest security patches.
- Be vigilant about phishing attempts and suspicious communications.
- Review your account activity regularly and report any suspicious activity to us.
Changes to This Security Policy
We may update our Security Policy from time to time. We will notify you of any changes by posting the new Security Policy on this page and updating the "Effective Date" at the top. You are advised to review this Security Policy periodically for any changes.
Contact Us
If you have questions or concerns about our security practices, please contact us at:
Email: security@officialunofficial.com
BY USING THE SERVICES, YOU ACKNOWLEDGE THAT YOU HAVE READ THIS SECURITY POLICY AND AGREE TO BE BOUND BY ITS TERMS.