Sign in Talk to our team →
Deaimer / Security Policy

Our security.

DEAIMER (SMC-PRIVATE) LIMITED — Effective 1 June 2025

1. Our commitment

DEAIMER (SMC-PRIVATE) LIMITED takes the security of your data seriously. We maintain comprehensive technical and organisational controls designed to protect client data, contributor information, and platform integrity against unauthorised access, disclosure, alteration, and destruction.

2. Certifications and standards

  • SOC 2 Type II — independently audited annually for security, availability, confidentiality, and processing integrity. Available to clients under NDA. Request via compliance@deaimer.com.
  • GDPR compliance — full Data Protection Impact Assessments conducted; DPO appointed; data residency verified for EU clients. DPA templates available on request.
  • Encryption — all data in transit is encrypted with TLS 1.2+; data at rest is encrypted using AES-256.

3. Access controls

  • Role-based access control (RBAC) is enforced across all systems.
  • Multi-factor authentication (MFA) is required for all internal staff and platform administrators.
  • Principle of least privilege is applied — employees access only the data required for their role.
  • All access is logged and auditable.

4. Infrastructure security

  • Production systems are hosted on enterprise-grade cloud infrastructure with 99.9%+ uptime SLAs.
  • Regular vulnerability scanning and penetration testing by third-party specialists.
  • Automated backups with defined recovery point objectives (RPO) and recovery time objectives (RTO).
  • Web application firewall (WAF) and DDoS protection in place.

5. Incident response

We maintain a documented incident response plan. In the event of a confirmed data breach, affected parties will be notified in accordance with applicable law (within 72 hours for GDPR-covered incidents). A post-incident report is provided to affected clients upon request.

6. Responsible disclosure

If you have discovered a potential security vulnerability in our systems, please report it responsibly to compliance@deaimer.com. We ask that you give us a reasonable period to investigate and remediate before any public disclosure. We do not take legal action against good-faith security researchers acting within this policy.

7. Contact

Security enquiries: compliance@deaimer.com