Loading dashboard...

Security Policy

Last Updated: 10/7/2025

At Pilotflows, a service provided by Tegi S.à r.l.-S., we prioritize the security of your data and maintain robust security measures across our platform. This policy outlines our commitment to protecting your information through comprehensive security practices.

1. Infrastructure Security

Our infrastructure is built on industry-leading cloud providers with:

  • Secure cloud hosting with AWS infrastructure
  • Regular security patches and updates
  • Network-level firewalls and intrusion detection
  • DDoS protection and mitigation
  • Load balancing for high availability
  • Automated backup systems

2. Data Security

We implement comprehensive data protection measures:

  • Encryption of data in transit using TLS 1.3
  • Encryption of data at rest using AES-256
  • Secure file storage using AWS S3
  • Regular data backups with encryption
  • Strict data access controls
  • Secure deletion procedures

3. Authentication Security

Our authentication system includes:

  • Mandatory email verification
  • Optional two-factor authentication (2FA)
  • Strong password requirements
  • Secure password reset procedures
  • Session management and timeout controls
  • JWT-based authentication tokens
  • Rate limiting on authentication endpoints

4. Payment Security

All payment processing is handled securely:

  • PCI-DSS compliant payment processing through Stripe
  • No storage of full credit card details on our servers
  • Secure payment token handling
  • Encrypted transmission of payment data
  • Regular payment security audits

5. Access Controls

We maintain strict access controls:

  • Role-based access control (RBAC)
  • Principle of least privilege
  • Regular access review and audit
  • Secure API authentication
  • Organization-level permissions
  • Audit logging of access attempts

6. Monitoring and Incident Response

Our security monitoring includes:

  • 24/7 system monitoring
  • Automated threat detection
  • Security incident response procedures
  • Regular security log analysis
  • Vulnerability scanning
  • Incident reporting and notification

7. Compliance and Audits

We maintain compliance through:

  • Regular security assessments
  • Third-party security audits
  • Compliance with GDPR requirements
  • Industry standard security practices
  • Regular policy reviews and updates

8. User Security Responsibilities

Users should maintain security by:

  • Using strong, unique passwords
  • Enabling two-factor authentication
  • Keeping account credentials confidential
  • Reporting suspicious activities
  • Maintaining up-to-date software
  • Following security best practices

9. Security Updates and Notifications

We will notify users of:

  • Security incidents affecting their data
  • Significant security policy changes
  • Required security actions
  • New security features and improvements

10. Contact Information

For security concerns or to report vulnerabilities, contact our security team at: [email protected]

For urgent security issues: [email protected]

Tegi S.à r.l.-S.
15, rue de la Syre
L-5377 Übersyren
Luxembourg