We use cookies to keep the site stable, remember basic preferences, and understand which pages are useful. You can accept, reject, or review the settings before continuing.
Technical and organizational measures to ensure the confidentiality, integrity, and availability of corporate information.
All data at rest and in transit is protected with AES-256 encryption and TLS 1.3. Keys are rotated every 90 days.
Multi-factor authentication (MFA) and role-based access control (RBAC) policies. Monthly permission audits.
Processing through PCI DSS certified gateways. We do not store card data on our servers.
Documented protocol for detection, containment, and recovery. Target response time: less than 2 hours.
We comply with international information security standards (ISO 27001) and conduct annual external audits. To report a vulnerability, write to info@thetuttogroup.com.