Security Policy
How we protect accounts, data and payments.
1. Safeguards
We use role-based access control, encryption in transit and at rest, audit logging, secret management, input validation and rate limiting.
2. Payments
Card data is handled by PCI-compliant payment partners; we do not store full card numbers. Webhooks are signature-verified.
3. Your part
Use a strong unique password, protect your devices, and never share one-time codes. Report suspected compromise immediately.
4. Reporting a vulnerability
Responsible disclosure is welcome at trust@utsavos.dev. Please do not access others’ data or disrupt the service while testing.
Contact
Questions about this document can be sent to our legal team. Grievances should go to the Grievance Officer for a tracked response.
- Legal: legal@utsavos.dev
- Privacy / Data Protection Officer: privacy@utsavos.dev
- Grievance Officer: grievance@utsavos.dev
- Trust & Safety: trust@utsavos.dev
Related documents
© 2026 UtsavOS · Part of the Legal & Trust CenterContact Legal →