Information Security Overview
Technical and organizational measures to protect the ZINFI.AI platform
Effective Date: January 1, 2026
Last Updated: February 2, 2026
At ZINFI Technologies, Inc. ("ZINFI"), we understand that our collaborative community thrives on trust. This document provides a high-level summary of the technical and organizational measures we implement to protect the ZINFI.AI platform and our members' data.
1. Governance and Risk Management
We maintain a comprehensive information security program designed to identify, assess, and manage risks to the confidentiality, integrity, and availability of our systems.
2. Technical Safeguards
- Encryption: Data is encrypted at rest and in transit using industry-standard protocols (e.g., TLS/SSL).
- Access Control: We follow the principle of "least privilege." Access to the platform's backend and sensitive data is restricted to authorized personnel based on their job function.
- Network Security: We utilize firewalls, intrusion detection systems, and regular vulnerability scanning to protect our infrastructure.
3. Organizational Safeguards
- Confidentiality Agreements: All ZINFI employees and contractors are required to sign strict confidentiality agreements.
- Security Awareness: Our team undergoes regular security training to stay ahead of evolving threats like phishing and social engineering.
- Sub-Processor Review: We conduct security due diligence on all third-party vendors listed in our Sub-Processor List.
4. Incident Response
ZINFI maintains an incident response plan to ensure rapid action in the event of a security breach. This plan includes procedures for containment, investigation, and notification as required by our Privacy Policy and Data Processing Agreement (DPA).
5. Member Responsibility
Security is a shared responsibility. We urge our members to use strong, unique passwords and to report any suspicious activity to [email protected].