Skip to main content

Effective Date: 08 March 2026 | Last Updated: 08 March 2026

How we protect your data and our systems

DATA ENCRYPTION
All data stored on Infytrix systems is encrypted at rest using AES-256. All data in transit — between your browser and our platform, and between our platform and connected marketplace APIs — is protected using TLS 1.2 or higher. This applies to all client data including financial and transactional records.

ACCESS CONTROLS
Access to client data and system credentials is governed by Role-Based Access Control (RBAC). Every employee is assigned a unique, individual account — shared credentials are prohibited. Access to sensitive systems and data is granted strictly on a need-to-know basis, approved by the IT Head, and reviewed quarterly. When an employee changes roles or leaves the organisation, access is revoked within 24 hours.

DEVICE AND ENDPOINT SECURITY
All Infytrix employees are issued company-managed devices. Every device is enrolled in Microsoft Intune for Mobile Device Management (MDM), with enforced policies for disk encryption, screen lock, and application control. Data Loss Prevention (DLP) is implemented via Safetica to monitor and prevent unauthorised data transfers, including to external storage devices.

CREDENTIAL AND SECRETS MANAGEMENT
API credentials, access tokens, and sensitive keys used for marketplace integrations are stored in a dedicated secrets management system. Credentials are never hardcoded in source code or configuration files. All repositories are scanned for accidental credential exposure. Access tokens are rotated regularly and revoked immediately upon any suspected compromise.

VULNERABILITY MANAGEMENT
Our development process includes security code review at every stage. Identified vulnerabilities are triaged by severity and tracked to resolution with defined SLAs. Our infrastructure is monitored continuously for anomalous activity, and security patches are applied promptly.

INCIDENT RESPONSE
Infytrix maintains a formal Incident Response Plan. In the event of a confirmed security incident, we will: contain the affected systems immediately, assess the scope and impact, notify affected clients without undue delay, and conduct a full post-incident review. Critical incidents involving client data are escalated and communicated within 24 hours of confirmation.

To report a security vulnerability or incident: security@infytrix.com

RESPONSIBLE DISCLOSURE
If you discover a security issue in our platform, please disclose it responsibly. Email security@infytrix.com with a description of the issue. We will acknowledge your report within 24 hours and work to resolve confirmed vulnerabilities promptly.

Where E-Marketing, E-Financing & Automation Intersect

About Us

Features

Why Infytrix?

Join Us

Connect

Privacy Policy

Terms of Service

Security at Infytrix

© 2026 Infytrix Ecom Private Limited. All rights reserved.
GSTIN: 27AAHCI0717L1ZG | CIN: U70200MH2023PTC400642
S8, 2nd Floor, Pinnacle Business Park, Shanti Nagar, Mahakali Caves Road, Andheri East, Mumbai 400093