Security & Compliance

Last updated: [Insert Date]

At Axxent Partners, Inc. we take security and compliance seriously. Protecting customer data, maintaining trust, and meeting regulatory obligations are core principles guiding the design and operation of our Services.

1. Security Practices

• Encryption: Data in transit is protected with TLS 1.2+; sensitive data at rest is encrypted with AES-256.
• Access Controls: Role-based access controls (RBAC) and principle of least privilege applied across systems.
• Authentication: Support for MFA, strong password policies, and secure session management.
• Monitoring: Continuous logging, anomaly detection, and automated alerts for suspicious activity.
• Testing: Regular vulnerability scanning, code reviews, and periodic third-party penetration tests.
• Backups & Recovery: Encrypted backups with defined retention periods and tested recovery procedures.

2. Compliance Frameworks

We align our policies and controls with recognized standards and regulatory requirements relevant to our operations, including:

• GDPR: European Union General Data Protection Regulation.
• CCPA/CPRA: California Consumer Privacy Act / Privacy Rights Act.
• PCI DSS: Payment Card Industry Data Security Standard (for applicable payment features).
• SOC 2: Service Organization Controls for Security, Availability, and Confidentiality (where applicable).
• HIPAA: Health Insurance Portability and Accountability Act safeguards, if handling protected health information.

3. Data Governance

• Data classification and handling procedures for sensitive, confidential, and public information.
• Retention schedules aligned with regulatory and contractual obligations.
• Data minimization to collect and store only what is necessary.
• Vendor and third-party due diligence for security and compliance practices.

4. Incident Response

We maintain a formal Incident Response Plan. In the event of a security incident, we will:

• Identify, contain, and remediate the incident promptly.
• Notify affected customers and regulators as required by law.
• Conduct post-incident reviews and implement corrective actions.

5. Employee Training & Awareness

All employees undergo security and compliance training, including secure coding practices, phishing awareness, and data handling obligations.

6. Customer Responsibilities

Customers also play an important role in protecting their accounts and data. We encourage the use of strong, unique passwords, enabling multi-factor authentication, and promptly notifying us of suspicious activity.

7. Continuous Improvement

Security and compliance are ongoing processes. We regularly review and update our policies, practices, and controls to adapt to evolving threats and regulatory changes.

8. Contact Us

Questions or concerns about security or compliance can be directed to:

Axxent Partners, Inc.
1912 Capitol Ave
Ste. 500
Cheyenne, WY 82001
United States
admin@sentry.partners
[Phone Placeholder]