SECURITY AND COMPLIANCE

1. INFRAESTRUCTURE AND ENCRYPTION

• In Transit: All data traffic is encrypted using TLS 1.2 or higher.
• At Rest: Sensitive data in our databases is encrypted using the AES-256 standard.
• Our infrastructure is hosted in data centers with SOC 1, SOC 2, and ISO/IEC 27001 certifications.

2. INCIDENT MANAGEMENT

In the unlikely event of a security breach affecting personal data, RSAGENTIC LLC will notify the Client (Data Controller) without undue delay and within 72 hours of becoming aware of the incident, as required by the GDPR and US data breach notification laws.

3. PAYMENT SECURITY

RSAGENTIC LLC does not store or process full credit card data. All transactions are delegated to PCI-DSS Level 1 certified payment processors (e.g., Stripe).