Security Policy

We are a ISO 27001:2013 UKAS Certified with certificate Number : 12311/A/0001/UK/En. Denquity will never rent or sell user information or data to anyone.

1. What is Denquity's policy on renting or selling user information or data?

Denquity may obtain and receive personal data, such as name, gender, email address, date of birth, and location when users register with the company. Additionally, Denquity may also receive device and log file information, such as Internet Protocol Address, Browser type, Browser Language, date and time of usage of Application, Device type, operating system of the device, unique device identifiers and device settings when the Application is used.

2. Does Denquity use or transfer user data for serving ads?

No, Denquity never uses or transfers user data for serving ads, including retargeting, personalized, or interest-based advertising.

3. Under what circumstances will Denquity provide user information to a third party?

Denquity will only provide user information to a third party if explicitly agreed to by the user.

4. How is Denquity's platform hosted and secured?

Denquity is hosted on dedicated servers with enterprise-grade tools to provide a secure and scalable technology platform. We use HTTPS protocol for our website and mobile applications and all communication between the platform and our servers are protected via 256-bit encrypted HTTPS protocol. We also have strict network segmentation and isolation of environments and services in place.

5. What security measures does Denquity use to protect user data?

Denquity uses industry-leading solutions for anti-virus, anti-malware, intrusion prevention systems, intrusion detection systems, file integrity monitoring, application control, application and audit log aggregation, and automated patching. User data and internal stored data is protected by encryption at rest and sensitive data by application-level encryption. We also employ separation of environments and segregation of duties and have strict role-based access control on a documented, authorized & need-to-use basis.

6. What is Denquity's incident and change management process?

Denquity has deployed mature processes around Change Management to release thoroughly tested features for users both reliably and securely. We also have a very aggressive stance on Incident Management on both Systems downtime and Security and Network Operations Center and an Information Security Management System in place which quickly reacts, remediates or escalates any Incidents arising out of planned or unplanned changes.

7. How does Denquity conduct vulnerability assessments and penetration testing?

Denquity works with a network security team that uses industry-leading products to conduct manual and automated VA/PT activities, including penetration testing of all the applications and endpoints. We also employ both static application security testing and dynamic application security testing which is incorporated into our continuous integration/continuous deployment pipeline.

8. What is Denquity's policy on responsible disclosure?

Denquity is committed to user data and privacy and employs state of the art technology to ensure strong security measures. If a security vulnerability is discovered on Denquity, we encourage responsible disclosure by submitting a bug report to info@denquity.com with detailed steps to reproduce the vulnerability. We will investigate and fix legitimate issues in a reasonable time frame and request that the vulnerability not be publicly disclosed.