Security

Data Protection

Infrastructure Security

• Hosted on secure cloud infrastructure with regular security patches
• DDoS protection and web application firewall (WAF)
• Regular security audits and penetration testing
• 24/7 monitoring for suspicious activity
• Automated backup and disaster recovery procedures

Authentication & Authorization

• Multi-factor authentication (2FA) via SMS or authenticator app
• Password requirements: minimum 8 characters, complexity requirements
• Session management and automatic logout on inactivity
• Device fingerprinting and anomaly detection

Payment Security

• PCI DSS compliance (where applicable)
• Card data is tokenized and never stored in plain text
• 3D Secure (3DS) authentication for card payments
• Fraud detection and transaction monitoring

Incident Response

In the event of a security incident, we have procedures in place to:

1. Detect and contain the incident
2. Investigate the scope and impact
3. Notify affected users (as required by law)
4. Remediate vulnerabilities
5. Report to relevant authorities

If you believe you have discovered a security incident or data breach, please contact: security@sendsara.com

Vulnerability Disclosure Policy

We welcome responsible disclosure of security vulnerabilities. If you discover a potential security issue, please:

• Email us at security@sendsara.com
• Provide detailed information about the vulnerability
• Allow us reasonable time to address the issue before public disclosure
• Do not access, modify, or delete data belonging to other users

We commit to:

• Acknowledge your report within 48 hours
• Provide regular updates on our progress
• Credit you for the discovery (if desired) once the issue is resolved