Security Disclaimer
Effective Date: Sept 2023
At Meritudio Pte Ltd. and its subsidiaries (collectively referred to as "Meritudio," “we,” “us,” or “our”), we prioritize the security and confidentiality of your personal data. We employ a multi-layered approach to safeguard your information, incorporating industry-standard technologies, protocols, and best practices. However, it is critical to understand that no security system is infallible, and absolute protection cannot be guaranteed.
This Security Disclaimer provides detailed information about our security measures, their limitations, and your responsibilities when using Meritudio Services. By accessing or using our services, you acknowledge and agree to the terms outlined below.
I. Our Security Measures
To protect your personal data, Meritudio has implemented the following security measures:
A. Technical Safeguards
o Encryption: We use Transport Layer Security (TLS) 1.2 or higher to encrypt data transmitted between your device and our servers. Sensitive data, such as passwords and payment information, is encrypted at rest using Advanced Encryption Standard (AES-256).
o Firewalls and Intrusion Detection: Our systems are protected by firewalls and intrusion detection/prevention systems (IDS/IPS) to monitor and block unauthorized access attempts.
o Regular Security Audits: We conduct internal and external security audits, including vulnerability assessments and penetration testing, to identify and address potential weaknesses.
o Data Backups: We perform regular backups of critical data to ensure business continuity and data recovery in the event of a breach or system failure.
B. Administrative Safeguards
o Access Controls: Access to personal data is restricted to authorized personnel on a need-to-know basis. Employees undergo background checks and sign confidentiality agreements.
o Employee Training: We provide mandatory security training to all employees, covering topics such as phishing prevention, password management, and data handling best practices.
o Incident Response Plan: We have a documented incident response plan to quickly address and mitigate security breaches, including notification procedures for affected individuals and regulatory authorities.
C. Physical Safeguards
o Data Center Security: Our servers are hosted in secure data centers with 24/7 monitoring, biometric access controls, and environmental protections (e.g., fire suppression, climate control).
o Office Security: Our offices are equipped with access control systems, surveillance cameras, and visitor logs to prevent unauthorized physical access.
II. Limitations of Security Measures
Despite our robust security measures, the following limitations and risks exist:
A. Internet Vulnerabilities
o Data transmitted over the internet may be intercepted by malicious actors, even when encryption is used.
o Public Wi-Fi networks and unsecured devices increase the risk of unauthorized access.
B. Third-Party Risks
o Meritudio integrates with third-party services (e.g., payment processors, analytics providers) whose security practices are beyond our control.
o Links to external websites or services may expose you to phishing attacks or malware.
C. Human Error
o Employees or users may inadvertently compromise security by falling victim to phishing attacks, using weak passwords, or mishandling sensitive data.
D. Emerging Threats
o Cyber threats, such as zero-day exploits, ransomware, and advanced persistent threats (APTs), are constantly evolving and may bypass existing security measures.
III. Your Responsibilities
To enhance the security of your personal data and account, you are responsible for the following:
A. Account Security
o Use a strong, unique password for your Meritudio account (e.g., a combination of uppercase and lowercase letters, numbers, and special characters).
o We may enable two-factor authentication (2FA) if available to add an extra layer of protection.
o Do not share your login credentials with anyone or reuse passwords across multiple accounts.
B. Device and Network Security
o Keep your devices, operating systems, and applications up to date with the latest security patches.
o Use antivirus software and firewalls to protect against malware and unauthorized access.
o Avoid accessing Meritudio Services over public Wi-Fi networks without using a virtual private network (VPN).
C. Phishing Awareness
o Be cautious of unsolicited emails, messages, or calls requesting your login credentials or personal information.
o Verify the authenticity of communications claiming to be from Meritudio by contacting us directly at support@meritudio.com.
D. Monitoring and Reporting
o Regularly review your account activity and report any suspicious behavior to us immediately.
o If you suspect a security breach or vulnerability, notify us at support@meritudio.com.
IV. No Liability for Unauthorized Access
Meritudio shall not be held liable for any unauthorized access to, or use, alteration, or destruction of, your personal data resulting from:
o Your failure to follow security best practices (e.g., sharing your password, using weak credentials, or falling victim to phishing attacks);
o Security breaches caused by third parties, including hackers, malware, or other malicious actors; or
o Circumstances beyond our reasonable control, such as natural disasters, acts of terrorism, or government actions.
V. Reporting Security Concerns
If you believe your account has been compromised or you have identified a security vulnerability in Meritudio Services, please contact us immediately at: support@meritudio.com
We take all security concerns seriously and will investigate promptly.
VI. Changes to This Disclaimer
We may update this Security Disclaimer from time to time to reflect changes in our practices, technology, or legal requirements. The "Effective Date" at the top of this page will indicate when the disclaimer was last revised. We encourage you to review this disclaimer periodically to stay informed about the security of your data.
Contact Us
If you have any questions or concerns about this Security Disclaimer or the security of your personal data, please contact us at: support@meritudio.com
