Security Policy

Data Protection

AceCCL is committed to protecting the security and privacy of our users' data. We implement industry-standard security measures to safeguard your personal information and learning data.

Continuous Improvement

We regularly review and update our security practices to address evolving threats and maintain the highest standards of protection.

Data in Transit

All data transmitted between your device and our servers is encrypted using TLS (Transport Layer Security) protocols.

Data at Rest

Personal data stored in our databases is encrypted using industry-standard encryption algorithms.

Password Security

User passwords are hashed using secure algorithms and are never stored in plain text.

Secure Hosting

Our platform is hosted on secure, certified cloud infrastructure with multiple layers of protection.

Access Controls

We implement strict access controls to ensure only authorized personnel can access user data.

Regular Updates

Our systems receive regular security updates and patches to address known vulnerabilities.

Monitoring

We continuously monitor our systems for unusual activity and potential security threats.

Third-Party Processing

All payment processing is handled by Razorpay, a certified payment processor that meets industry security standards.

No Card Storage

We do not store credit card information on our servers. All payment data is securely handled by our payment processor.

PCI Compliance

Our payment processing meets PCI DSS (Payment Card Industry Data Security Standard) requirements.

Strong Passwords

We require users to create strong passwords with specific complexity requirements.

Email Verification

All new accounts must verify their email address before gaining full access to the platform.

Session Management

User sessions are securely managed with appropriate timeout periods and session token protection.

Audio Data

Practice recordings are automatically deleted after your session ends and are never permanently stored.

Data Minimization

We collect only the data necessary to provide our services and improve your learning experience.

Anonymous Analytics

Usage analytics are anonymized and cannot be linked back to individual users.

Incident Detection

We have systems in place to quickly detect and respond to security incidents.

Response Plan

Our incident response plan includes immediate containment, assessment, and remediation procedures.

User Notification

In the event of a security breach affecting user data, we will notify affected users promptly as required by law.

Vendor Assessment

All third-party services are evaluated for security compliance before integration.

Data Processing Agreements

Third-party processors are bound by strict data protection agreements.

Regular Reviews

We regularly review the security practices of our third-party vendors.

Account Security

Users are responsible for keeping their account credentials secure and not sharing them with others.

Device Security

Ensure your devices are secure and up-to-date when accessing our platform.

Suspicious Activity

Report any suspicious account activity or potential security issues immediately.

Standards

Our security practices align with industry standards and best practices for data protection.

Regular Audits

We conduct regular security assessments and audits to ensure compliance with our security policies.

Legal Requirements

We comply with all applicable data protection and security regulations in the jurisdictions where we operate.

Security Questions

For questions about our security practices or to report security concerns:

Email: support@aceccl.com

Subject: Security Inquiry