Trust & Assurance
Compliance & Security
Security-first engineering, privacy-by-design, and operational excellence—so you can build with confidence.
Security Pillars
Encryption & Key Mgmt
TLS 1.2+ in transit, AES-256 at rest, managed KMS, key rotation policies, and HSM options for regulated workloads.
Identity, RBAC & 2FA
SSO/SAML/OIDC, least-privilege roles, SCIM provisioning, device binding, and mandatory MFA for admin actions.
Network & Infra
VPC isolation, WAF & rate limiting, zero-trust service auth, hardened images, vulnerability scanning, and patch SLAs.
Secure SDLC
Threat modeling, code reviews, secrets scanning, SAST/DAST, dependency pinning, and signed releases.
Monitoring & Response
Centralized logs, SIEM correlation, anomaly detection, 24×7 on-call, and post-incident root-cause analysis.
Privacy & Governance
Data minimization, retention policies, DPA support, DPIAs, and subject-rights workflows.
Compliance Alignment
We map our controls to widely recognized frameworks. Unless explicitly stated, we do not claim formal certification; artifacts and mappings are available under NDA.
Controller/Processor DPAs, SCCs where applicable, data subject rights, and breach notification workflows.
Policies, risk treatment, asset mgmt, access control, cryptography, operations, and supplier mgmt.
Network segmentation, secure key handling, logging, and vulnerability mgmt for payment integrations.
Risk-based KYC/AML controls, transaction monitoring, sanctions screening, and audit trails.
Data Handling
| Category | Examples | Purpose | Retention |
|---|---|---|---|
| Account | Name, email, org, roles | Provisioning, auth, support | Lifecycle of contract + 12 mo |
| Operational | Logs, metrics, audit trails | Security, reliability, billing | 90–400 days (tiered) |
| Financial | Invoices, payment refs | Accounting & compliance | As required by law |
| Sensitive (Optional) | KYC/AML artifacts | Regulatory screening | Configurable; minimal storage |
Retention windows can be customized to your policy within platform limits.
Shared Responsibility Model
Teksor’s Responsibilities
- ✓ Secure platform architecture & operations
- ✓ Encryption, secrets & key management
- ✓ Logging, monitoring, vulnerability mgmt
- ✓ Incident response & disaster recovery
Customer Responsibilities
- ✓ User & role management, MFA enforcement
- ✓ Data classification & retention policy choices
- ✓ Endpoint hygiene & secure integration keys
- ✓ Legal basis for processing & DPA sign-off
Business Continuity & Disaster Recovery
- ✓ Multi-AZ deployment with automated failover
- ✓ Point-in-time database recovery and tested backups
- ✓ Runbooks, tabletop exercises, and RTO/RPO targets
- ✓ Change control and maintenance notification policy
Admin Controls
Centralized governance for screening thresholds, retention, export, and access policies.
Data Residency & Subprocessors
We work with a small set of vetted infrastructure and security providers. Region options and the current subprocessor list are available upon request.
Compliance & Security FAQs
Do you hold formal certifications?
We align to frameworks like GDPR, ISO 27001, PCI DSS, and FATF guidance. Unless explicitly stated, we do not claim certification. Evidence and mappings are available under NDA.
Where is data stored?
Primary hosting is with major cloud providers. Data residency can be configured per customer and workload. Contact sales for available regions.
How do you handle incidents?
We run a documented incident response program with 24×7 on-call, severity-based SLAs, customer notifications, and post-incident RCAs with corrective actions.
Can we review pen-test and audit results?
Yes—third-party penetration test summaries and policy artifacts are available under NDA. Request access through our sales team.
Need a security review pack?
Get our security overview, control mappings, and DPA template—tailored to your use case.