Data Encryption Policy

Credknow Solutions Private Limited

Purpose

The purpose of this Data Encryption Policy is to ensure the protection and confidentiality of sensitive, personal, and financial information handled by Credknow Solutions Private Limited ("Credknow"). This policy outlines the encryption standards and practices to be followed across all systems, platforms, and processes to mitigate the risk of unauthorized access, data breaches, and cyber threats.

Scope

This policy outlines measures taken for protecting all organization data accessed or stored on any electronic device, computer, network, or system in accordance with the Data Encryption Policy:

• All organization data must be encrypted using methods that make the information unreadable to unauthorized individuals.
• The encryption method used must meet the standards outlined in the Data Encryption Policy.
• Information related to the app is stored on a hosting server located in India.
• Access to this data is limited to staff/employees based on their responsibilities.
• The organization is responsible for protecting all information and ensuring that all data encryption requirements are met.

Compliance Requirements

• Employees who access or store organization data must comply with the Data Encryption Policy.
• This applies to all electronic devices that access and store organization information, including portable devices, external hard disks, and flash drives.
• Failure to comply may result in disciplinary action.

Policy Review and Updates

The organization will regularly review and update the Data Encryption Policy and compliance document as necessary to ensure their continued effectiveness.

System Restoration Capability

In the event of any malfunctions or malicious attempts to compromise the system, the organization's app is equipped with the capability to restore all systems within a prompt timeframe of a few hours. This ensures the continuity and security of the organization's operations.