Security & Data Protection

Learn how we protect your data and ensure secure transactions on our platform.

Last updated: January 1, 2025

1. Our Commitment to Security

At CutQ, we take the security of your personal information and payment data very seriously. We implement industry-standard security measures to protect your data from unauthorized access, disclosure, alteration, and destruction.

Our security practices are regularly reviewed and updated to ensure we maintain the highest standards of data protection.

2. Data Encryption

Data in Transit

  • All data transmitted between your device and our servers is encrypted using TLS 1.3
  • HTTPS encryption is enforced across all pages of our website
  • API communications use end-to-end encryption

Data at Rest

  • All stored data is encrypted using AES-256 encryption
  • Database encryption keys are managed separately from data
  • Regular encryption key rotation is performed

3. Payment Security

PCI DSS Compliance

We are committed to maintaining PCI DSS (Payment Card Industry Data Security Standard) compliance to ensure the secure handling of credit card information.

Secure Payment Processing

  • We partner with certified payment processors (Stripe, PayPal)
  • Credit card information is never stored on our servers
  • All payment data is tokenized for additional security
  • 3D Secure authentication is supported for enhanced protection

Fraud Prevention

  • Real-time fraud detection and monitoring
  • Machine learning algorithms to identify suspicious transactions
  • Multi-factor authentication for sensitive operations
  • Regular security audits and penetration testing

4. Account Security

Password Protection

  • Passwords are hashed using bcrypt with salt
  • Strong password requirements enforced
  • Password reset functionality with secure tokens
  • Account lockout protection against brute force attacks

Two-Factor Authentication

  • SMS-based OTP verification available
  • Email verification for account changes
  • Session management with automatic timeout

5. Infrastructure Security

Server Security

  • Servers hosted in secure, certified data centers
  • Regular security patches and updates
  • Firewall protection and intrusion detection systems
  • 24/7 monitoring and incident response

Access Controls

  • Role-based access control (RBAC) for all systems
  • Multi-factor authentication for administrative access
  • Regular access reviews and privilege audits
  • Principle of least privilege enforced

6. Data Privacy & GDPR Compliance

Data Minimization

We only collect and process personal data that is necessary for providing our services. Data is retained only for as long as required by law or business necessity.

Your Rights

  • Right to access your personal data
  • Right to rectification of inaccurate data
  • Right to erasure ("right to be forgotten")
  • Right to data portability
  • Right to object to processing

7. Incident Response

Security Incident Procedures

  • 24/7 security monitoring and alerting
  • Dedicated incident response team
  • Immediate containment and investigation procedures
  • Notification to affected users within 72 hours
  • Cooperation with law enforcement when necessary

Business Continuity

  • Regular data backups with encryption
  • Disaster recovery procedures tested quarterly
  • Redundant systems and failover capabilities
  • Service level agreements for uptime

8. Third-Party Security

We carefully vet all third-party service providers and require them to maintain appropriate security standards:

  • Due diligence assessments for all vendors
  • Contractual security requirements
  • Regular security reviews and audits
  • Data processing agreements (DPAs) in place

9. Security Best Practices for Users

Protect Your Account

  • Use a strong, unique password for your CutQ account
  • Enable two-factor authentication when available
  • Log out of your account when using shared devices
  • Keep your contact information up to date
  • Report suspicious activity immediately

Safe Browsing

  • Always access CutQ through our official website
  • Look for the padlock icon in your browser's address bar
  • Be cautious of phishing emails or suspicious links
  • Keep your browser and devices updated

10. Contact Our Security Team

If you have security concerns or want to report a potential vulnerability:

  • Security Email: security@cutq.store
  • General Contact: contact@cutq.store
  • Phone: +91 8197970532
  • Address: New Delhi, IN 110001

We appreciate responsible disclosure of security vulnerabilities and will work with security researchers to address any issues promptly.