Logo
Security Policy

EFFECTIVE DATE: Oct 30, 2024

This Security Policy outlines the measures and practices that Ooulet ("we," "our," or "us") employs to protect the data, privacy, and security of its users ("you," "your") and their businesses. By using Ooulet, you agree to the security practices outlined in this policy.
  1. Purpose
    1. The purpose of this Security Policy is to ensure the confidentiality, integrity, and availability of user data and to protect the Ooulet platform from security threats, vulnerabilities, and unauthorized access.
  2. Scope
    1. This policy applies to:
      1. All users of the Ooulet platform.
      2. All data, content, and transactions conducted on the Ooulet platform.
      3. Ooulet employees, contractors, and any third parties with access to the platform's infrastructure or data.
  3. Security Principles
    1. Ooulet is committed to the following core security principles:
      1. Confidentiality:
        1. Ensuring that user data is accessible only to authorized individuals and systems.
      2. Integrity:
        1. Protecting data from unauthorized alteration or corruption.
      3. Availability:
        1. Ensuring the platform and its services are available to users when needed, with minimal disruptions.
  4. Data Protection and Encryption
    1. Ooulet employs various methods to protect user data, including encryption and secure storage.
    1. Encryption
      1. Data in Transit:
        1. All data transferred between the Ooulet platform and users is encrypted using industry-standard encryption protocols (e.g., SSL/TLS).
      2. Data at Rest:
        1. Sensitive data, such as user passwords and financial information, is encrypted while stored in our databases.
    2. Secure Storage
      1. User data is stored on secure servers that are protected by firewalls, access controls, and encryption mechanisms.
      2. Access to sensitive data is restricted to authorized personnel only, and all access is logged for auditing purposes.
  5. Access Control
    1. Ooulet uses strict access control measures to ensure that only authorized individuals have access to sensitive systems and data
    1. User Authentication
      1. Password Protection:
        1. Users must create strong, unique passwords to access their accounts. Passwords are stored using secure hashing algorithms.
      2. Two-Factor Authentication (2FA):
        1. Ooulet encourages users to enable 2FA for an additional layer of security.
    2. Role-Based Access Control (RBAC)
      1. Ooulet restricts access to certain features and data based on user roles (e.g., admin, editor, viewer) to ensure that individuals only have access to what is necessary for their role.
  6. Monitoring and Auditing
    1. Ooulet continuously monitors its systems for unusual activity, potential security breaches, and vulnerabilities.
    1. Real-Time Monitoring
      1. Ooulet employs real-time monitoring tools to detect and respond to security threats, unauthorized access, and system failures.
    2. Auditing and Logging
      1. All access to sensitive data and systems is logged for audit purposes. Logs are regularly reviewed to identify any suspicious activity or violations of security policies.
  7. Vulnerability Management
    1. Ooulet is committed to identifying, mitigating, and resolving security vulnerabilities in a timely manner.
    1. Regular Security Audits
      1. We conduct regular security audits and vulnerability assessments to identify and mitigate potential risks.
    2. Patching and Updates
      1. Ooulet ensures that its software and systems are up to date with the latest security patches and updates to protect against known vulnerabilities.
  8. Incident Response
    1. In the event of a security breach or incident, Ooulet has established procedures for detecting, responding to, and resolving security incidents.
    1. Incident Detection
      1. Ooulet's monitoring systems are designed to detect potential security incidents, such as unauthorized access or data breaches, in real-time.
    2. Incident Response Plan
      1. Ooulet has an incident response plan that includes procedures for:
        1. Containing the incident.
        2. Investigating the root cause.
        3. Mitigating any damage.
        4. Communicating with affected users.
        5. Reporting to the relevant authorities, if required.
  9. User Responsibilities
    1. While Ooulet is committed to protecting user data, users also have responsibilities to ensure the security of their accounts.
    1. Secure Passwords/OTP
      1. Users should create strong, unique passwords and change them regularly. Avoid using the same password across multiple platforms.
    2. Enabling Two-Factor Authentication
      1. Ooulet strongly encourages users to enable Two-Factor Authentication (2FA) for additional account protection.
    3. Reporting Security Issues
      1. Users should report any suspected security vulnerabilities or breaches to Ooulet's support team immediately at support@ooulet.com.
  10. Data Privacy and Compliance
    1. Ooulet complies with all relevant data protection and privacy regulations, including but not limited to:
      1. The India Digital Personal Data Protection Act 2023 (DPDPA)
    2. We ensure that user data is handled in accordance with these laws and that user rights regarding data access, modification, and deletion are respected.
  11. Third-Party Service Providers
    1. Ooulet integrates with third-party service providers (e.g., payment gateways, hosting services, plugins). We ensure that these third parties maintain appropriate security measures to protect user data.
      1. Vendor Security Reviews
        1. Ooulet conducts security reviews of third-party vendors before integrating their services into the platform.
        2. We ensure that third-party services comply with our security and data protection standards.
  12. Security Awareness and Training
    1. Ooulet provides regular security training and awareness programs for its employees and contractors to ensure they understand and adhere to security best practices.
  13. Changes to the Security Policy
    1. Ooulet reserves the right to update or modify this Security Policy at any time.
    2. Users will be notified of any significant changes via email or in-app notifications.
    3. Continued use of the Ooulet platform after such changes constitutes acceptance of the updated policy.
  14. Contact Information
    1. If you have any questions, concerns, or reports regarding security issues or vulnerabilities, please contact us at: support@ooulet.com
      2. By using Ooulet, you acknowledge that you have read and understand this Security Policy and agree to comply with the security practices and responsibilities outlined herein.
Logo

We’re your innovation partner, delivering cutting-edge solutions that elevate your business to the next level.

Ooulet

HomeOur StoryOoulet PoliciesMission, Vision and Values

Support

FAQsContact usHelp CenterBanned Products

Address

Ooulet Technology Pvt. Ltd.
2nd Floor, Elegant Tower, Near kajaria Showroom, Delhi Road, Roorkee, Uttarakhand - 247667

© Copyright 2025, All Rights Reserved by Ooulet Technology Pvt. Ltd.

github [#142]Created with Sketch.