Skip to content

Security Addendum

Last updated: 2025-11-09

This document is provided for informational purposes only and is not legal advice.

RBAC

  • Role-based access applies least-privilege policies across marketing, procurement, legal, and finance roles.

Encryption

  • TLS 1.2+ in transit and managed key encryption at rest protect creator and campaign data.

Audit Logs

  • Immutable logs capture campaign changes, approvals, payouts, and identity events.

Incident Response

  • Documented runbooks with 24/7 escalation, customer notification SLAs, and post-incident reviews.

Backups & DR

  • Daily backups replicated cross-region with periodic disaster recovery exercises.

Vulnerability Management

  • Automated scanning, coordinated disclosure, and patch SLAs aligned to severity.