Optima Connect Logo
  • How It Works
  • About Us
  • Pricing
  • Contact Sales
|Optima Connect Logo

Legals

Privacy PolicyTerms of ServiceCookie PolicySecurity

Security

Effective date: August 1, 2020

At OptimaConnect, we prioritize the security and privacy of our users' data. This Security Policy outlines the measures we take to protect your personal information and the steps you can take to ensure a safe and secure experience on our platform.

1. Commitment to Data Security

We use a variety of security technologies and procedures to help protect your personal data from unauthorized access, use, or disclosure. Our commitment includes:

  • Data Encryption: All data transferred between your device and our platform is encrypted using SSL (Secure Socket Layer) technology. This ensures that sensitive information, such as passwords and API keys, is protected during transmission.
  • Encryption of Stored Data: Data stored on our servers is encrypted to prevent unauthorized access.
  • Secure Infrastructure: We utilize secure cloud service providers that comply with industry-standard security protocols. Our infrastructure includes firewall protection, intrusion detection systems, and regular security audits to ensure the integrity of our system.

2. Authentication and Account Protection

  • OAuth 2.0 Authentication: OptimaConnect uses OAuth 2.0, a secure and widely adopted framework, for user authentication. This ensures that your credentials are not exposed to unauthorized entities, and the access to your accounts with connected services is secure.
  • Two-Factor Authentication (2FA): We highly encourage users to enable 2FA for an extra layer of security. This requires users to enter a unique code from their mobile device in addition to their password when logging in.
  • Password Protection: We enforce strong password requirements to ensure that your account is protected. Passwords are stored securely using one-way encryption (hashing).

3. Data Integrity and Retention

We are committed to ensuring the integrity of the data we process. The following policies are in place:

  • Data Validation: We regularly validate and verify data integrity during transfers to prevent data corruption or unauthorized modifications.
  • Backup Procedures: We perform regular backups of all user data. In case of a system failure or breach, we ensure data can be recovered without significant loss.
  • Data Retention: We retain user data only for as long as necessary to fulfill the purpose for which it was collected, or as required by law.

4. Monitoring and Incident Response

We actively monitor for suspicious activities across our platform. In the event of a security breach, we have the following procedures in place:

  • Monitoring Systems: Our team uses automated monitoring systems to detect unusual activities such as unauthorized logins or access attempts.
  • Incident Response Plan: If a security incident occurs, we will immediately investigate and contain the breach. We will notify affected users promptly if their personal data is compromised and work with them to secure their accounts.
  • Audit Logs: We maintain detailed audit logs of all user actions on our platform, ensuring transparency and accountability.

5. Compliance with Industry Standards

OptimaConnect complies with all relevant industry security standards and regulatory frameworks, including but not limited to:

  • General Data Protection Regulation (GDPR): We ensure that all user data from European Union (EU) residents is processed in compliance with GDPR regulations.
  • California Consumer Privacy Act (CCPA): For users residing in California, we adhere to CCPA guidelines, ensuring user rights are respected, and data is processed securely.

6. User Responsibilities

While we take extensive measures to protect your data, security is a shared responsibility. Here are some steps you can take to ensure your account remains secure:

  • Use Strong Passwords: Always choose strong, unique passwords for your accounts and avoid reusing passwords across different services.
  • Enable Two-Factor Authentication (2FA):Add an additional layer of security by enabling 2FA for your account.
  • Beware of Phishing Attacks:OptimaConnect will never ask for your password via email. Be cautious of any unsolicited emails asking for your login credentials.

7. Reporting Security Concerns

If you believe your account has been compromised or if you notice any suspicious activity, please contact us immediately:

Email: info@optimaconnect.io
Mailing Address: OptimaConnect, 481 South 10 West Farmington, Utah, US

We also welcome responsible disclosure of security vulnerabilities. If you discover a potential vulnerability in our system, please notify us so we can address the issue promptly.

8. Changes to Our Security Policy

We may update this Security Policy from time to time in response to changes in technology, regulations, or security best practices. We will notify users of any significant changes via email or an in-app notification.