Our approach to product security

Antilivity Technologies is building its products with security-conscious architecture and responsible data practices. The controls used by each product will depend on its purpose, data type, development stage, and third-party integrations.

Authentication

Supported products may use verified authentication providers, secure sessions, multi-factor authentication, and account-access controls.

Access Control

Administrative and sensitive operations should be restricted by verified roles and server-side permission checks.

Data Minimisation

Products should collect only the information reasonably required to provide, secure, and improve the requested service.

Data Transfer

Sensitive information should be transferred through encrypted network connections using current secure protocols.

Data Storage

Where information is stored, access should be limited and storage providers should be selected according to the security and operational needs of the product.

User Consent

Products should request appropriate permission before collecting information or enabling communication workflows, and should provide clear choices where consent can be withdrawn.

Deletion and Retention

Information should be retained only for defined product, security, contractual, or legal needs. Verified deletion requests should be handled subject to applicable retention obligations.

Development Practices

Code review

Secret management

Dependency updates

Input validation

Logging and monitoring

Secure API design

Environment separation

Least-privilege access

Third-Party Services

Some Antilivity products may depend on external providers for authentication, communication, payments, verification, storage, hosting, or analytics. Their availability and data practices may affect the related product.

Reporting Security Issues

Please report suspected security issues privately. Do not publicly disclose sensitive details before the issue has been reviewed.

Contact Security Team