1. Commitment to Security

WatchBots OÜ is fundamentally a security company. The protection of our systems and our customers' data is paramount. This policy outlines the security measures we implement to protect the data processed by our AI Defense & Human Enhancement Systems. Our approach to security is comprehensive, covering technical, administrative, and physical controls.

2. Security Infrastructure

2.1. Government-Grade Security: For our most sensitive applications, particularly those used by government agencies, financial institutions, and for counter-terrorism operations, we implement security controls that align with government-grade standards.

2.2. Hybrid Deployment: We offer both cloud and on-premise deployment options to meet the diverse security requirements of our clients.

• • Cloud Security: Our cloud infrastructure is hosted with leading providers who comply with rigorous international security standards (e.g., ISO 27001, SOC 2). We utilize virtual private clouds (VPCs), network segmentation, and firewalls to isolate and protect our environments.
• • On-Premise Security: For on-premise deployments, we work with your security teams to ensure the solution is integrated securely within your own infrastructure.

2.3. Encryption:

• • Data in Transit: All data transmitted between your systems and our API endpoints is encrypted using strong TLS (Transport Layer Security) protocols (TLS 1.2 and higher).
• • Data at Rest: All sensitive customer data stored on our systems is encrypted at rest using industry-standard algorithms like AES-256.

3. Access Control

3.1. Principle of Least Privilege: Access to our production systems and customer data is strictly limited to authorized personnel based on the principle of least privilege. Access is restricted to what is necessary for an individual to perform their job function.

3.2. Authentication: Access to internal systems requires multi-factor authentication (MFA). Customer access to services is controlled via secure credentials, including API keys and password-protected accounts.

3.3. Auditing and Logging: We maintain detailed logs of access and changes to our production environment. These logs are monitored for suspicious activity and are securely stored.

4. Customer Responsibilities

While WatchBots maintains a secure infrastructure, security is a shared responsibility. As a customer, you are responsible for:

• • Credential Security: Maintaining the confidentiality and security of any passwords, API keys, or other credentials used to access our services. You must notify us immediately of any suspected unauthorized use.
• • Secure Implementation: Securely integrating our API into your applications and systems.
• • Data Management: Ensuring that the data you send to our services complies with all applicable laws and your own privacy and security policies.

5. Incident Response

We have a formal incident response plan in place to address potential security breaches. In the event of a security incident affecting your data, we will promptly investigate, take steps to mitigate the impact, and notify you in accordance with our legal and contractual obligations.

6. Policy Review

This Security Policy is reviewed regularly and updated as necessary to adapt to new threats and evolving best practices.

7. Contact

For any security-related inquiries or to report a potential vulnerability, please contact our security team directly at: