Security at iTrepreneur

Your business data is our top priority. We implement industry-leading security measures to protect your information and maintain your trust.

Our Security Commitment

At iTrepreneur, we understand that your business data is critical to your success. We employ multiple layers of security to ensure your information remains confidential, secure, and available only to you.

SOC 2 Type II Compliant

Independently audited for security, availability, and confidentiality

GDPR Compliant

Full compliance with EU data protection regulations

Data Protection

Encryption

  • Data in Transit:All data transmitted between your device and our servers is encrypted using TLS 1.3 with 256-bit encryption.
  • Data at Rest:Your stored data is encrypted using AES-256 encryption with regularly rotated encryption keys.
  • End-to-End Encryption:Sensitive business metrics and financial data are protected with additional end-to-end encryption.

Data Isolation

Each customer's data is logically separated and isolated from other customers' data. We use strict access controls and data segmentation to ensure your business information remains private and secure.

Data Retention

We retain your data only as long as necessary to provide our services. Deleted data is permanently removed from our systems within 30 days, with no ability to recover it after this period.

Infrastructure Security

Cloud Infrastructure

Our platform is hosted on AWS, leveraging their world-class security infrastructure:

  • Multiple availability zones for redundancy
  • 24/7 physical security at data centers
  • Automated backup and disaster recovery
  • DDoS protection and mitigation

Network Security

Multiple layers of network protection ensure your data remains secure:

  • Web Application Firewall (WAF)
  • Intrusion detection and prevention
  • Regular security scanning and monitoring
  • Isolated network segments

Access Control & Authentication

User Authentication

  • • Secure password requirements with complexity validation
  • • Two-factor authentication (2FA) available for all accounts
  • • Session management with automatic timeout
  • • OAuth 2.0 integration for single sign-on (SSO)
  • • Account lockout after failed login attempts

Internal Access

  • • Principle of least privilege for all staff
  • • Background checks for all employees
  • • Regular access reviews and audits
  • • Encrypted VPN access for remote work
  • • Comprehensive audit logs of all access

AI Security & Privacy

Our AI-powered coaching system is designed with privacy and security at its core:

Your Data, Your Control

  • We never use your business data to train AI models
  • Your data is not shared with OpenAI or other AI providers for training
  • All AI processing is done in isolated, secure environments
  • You can request complete data deletion at any time

Incident Response

In the unlikely event of a security incident, we have comprehensive response procedures:

24-Hour Response

Our security team responds to incidents within 24 hours of detection

Immediate Notification

Affected users are notified within 72 hours as required by law

Forensic Analysis

Complete investigation to understand scope and prevent recurrence

Transparent Communication

Clear updates throughout the resolution process

Continuous Security Improvement

Security is not a one-time effort. We continuously improve our security posture through:

Regular Audits

Annual third-party security audits and penetration testing

Security Training

Ongoing security awareness training for all employees

Patch Management

Regular updates and patches to address vulnerabilities

Security Questions?

Our security team is here to help. If you have any questions about our security practices or need to report a security issue, please contact us.

Contact Security TeamGeneral Support