Security Policy

Last Updated: November 28, 2025

At Stellacore Arc, we are committed to protecting the security and integrity of your personal information and data. This Security Policy outlines the measures we implement to safeguard your information when you use our webinar platform and related services.

1. Information Security Framework

We maintain a comprehensive information security framework designed to protect against unauthorized access, alteration, disclosure, or destruction of your personal information and data stored on our platform.

1.1 Security Standards

Our security practices are guided by internationally recognized standards and best practices, including:

Industry-standard encryption protocols
Regular security assessments and audits
Continuous monitoring of security threats
Implementation of appropriate technical and organizational measures

1.2 Data Classification

We classify data based on sensitivity levels and apply appropriate security controls accordingly. Personal information, payment data, and webinar content receive the highest levels of protection.

2. Technical Security Measures

2.1 Encryption

We employ strong encryption methods to protect your data:

Data in Transit: All data transmitted between your device and our servers is encrypted using Transport Layer Security (TLS) protocols
Data at Rest: Sensitive data stored on our servers is encrypted using industry-standard encryption algorithms
End-to-End Encryption: Certain communications may utilize end-to-end encryption for enhanced privacy

2.2 Access Controls

We implement strict access control measures:

Multi-factor authentication for administrative access
Role-based access control limiting data access to authorized personnel only
Regular review and audit of access permissions
Immediate revocation of access for terminated employees or contractors

2.3 Network Security

Our network infrastructure includes:

Firewalls and intrusion detection systems
Network segmentation to isolate critical systems
Regular vulnerability scanning and penetration testing
DDoS protection mechanisms

2.4 Application Security

We follow secure development practices:

Regular security code reviews
Automated and manual security testing
Prompt application of security patches and updates
Input validation and sanitization to prevent common vulnerabilities

3. Physical Security

Our data centers and facilities maintain physical security measures including:

24/7 surveillance and monitoring
Restricted access with biometric authentication
Environmental controls for temperature and humidity
Redundant power supplies and backup systems
Fire suppression and detection systems

4. Data Backup and Recovery

4.1 Backup Procedures

We maintain regular backup procedures to ensure data availability:

Automated daily backups of all critical data
Geographically distributed backup storage
Encrypted backup data
Regular testing of backup restoration procedures

4.2 Disaster Recovery

Our disaster recovery plan includes:

Documented recovery procedures and protocols
Regular disaster recovery drills and testing
Redundant infrastructure and failover capabilities
Business continuity planning

5. Account Security

5.1 Password Requirements

To protect your account, we enforce strong password policies:

Minimum password length and complexity requirements
Password encryption using one-way hashing algorithms
Prevention of common or previously compromised passwords
Regular password change recommendations

5.2 Authentication

We support multiple authentication methods:

Standard username and password authentication
Multi-factor authentication options
Single sign-on integration capabilities
Session timeout mechanisms for inactive accounts

5.3 Account Monitoring

We monitor for suspicious account activity including:

Unusual login patterns or locations
Multiple failed login attempts
Concurrent sessions from different locations
Automated alerts for potential security incidents

6. Third-Party Security

6.1 Vendor Management

We carefully evaluate and monitor third-party service providers:

Security assessments before vendor engagement
Contractual security and privacy obligations
Regular vendor security reviews
Limited data sharing based on necessity

6.2 Integration Security

Third-party integrations undergo security review:

API security controls and authentication
Data transmission encryption
Scope limitation of integration permissions
Regular security updates and monitoring

7. Incident Response

7.1 Security Incident Management

We maintain a comprehensive incident response plan:

24/7 security monitoring and alerting
Dedicated incident response team
Documented incident response procedures
Post-incident analysis and improvement processes

7.2 Breach Notification

In the event of a security breach affecting your personal information:

We will investigate the incident promptly
Affected users will be notified without undue delay
We will provide information about the nature of the breach
Recommended protective actions will be communicated
Regulatory authorities will be notified as required

8. Employee Security

8.1 Security Training

All employees receive security awareness training:

Initial security training during onboarding
Regular security awareness updates
Phishing and social engineering education
Data handling and privacy training

8.2 Personnel Security

We implement personnel security measures:

Background checks for employees with data access
Confidentiality and non-disclosure agreements
Clear security policies and procedures
Disciplinary measures for security violations

9. Payment Security

For payment processing, we implement additional security measures:

PCI DSS compliance for payment card data
Use of trusted payment processors
Tokenization of payment information
Secure payment gateway connections
No storage of complete payment card details on our servers

10. Webinar-Specific Security

10.1 Broadcast Security

We secure webinar broadcasts through:

Encrypted streaming connections
Password protection options for private webinars
Waiting room features for host control
Participant authentication mechanisms

10.2 Recording Security

Webinar recordings are protected by:

Encrypted storage of all recordings
Access control and permission management
Secure sharing and download options
Automatic deletion based on retention policies

10.3 Communication Security

Interactive features maintain security through:

Moderation controls for chat and Q&A
Content filtering capabilities
User reporting mechanisms
Host controls for participant management

11. Compliance and Audits

11.1 Regular Audits

We conduct regular security audits:

Internal security assessments
Third-party security audits
Penetration testing exercises
Compliance reviews

11.2 Continuous Improvement

Our security program evolves through:

Regular review of security policies and procedures
Implementation of emerging security technologies
Response to new security threats and vulnerabilities
Industry best practice adoption

12. Your Security Responsibilities

While we implement robust security measures, you also play a crucial role in protecting your account:

Use strong, unique passwords for your account
Enable multi-factor authentication when available
Keep your login credentials confidential
Log out from shared or public devices
Report suspicious activity immediately
Keep your contact information current
Review account activity regularly
Use secure internet connections for webinars
Update your software and devices regularly

13. Limitations

While we strive to protect your information using industry-standard security measures, please understand:

No system can guarantee absolute security
Internet transmission carries inherent risks
You transmit information at your own risk
We are not responsible for circumvention of security measures
External links may have different security standards

14. Security Updates

We regularly update our security measures and may modify this Security Policy to reflect:

Changes in security technologies
New security threats or vulnerabilities
Regulatory or legal requirements
Improvements to our security practices

Material changes to this policy will be communicated through our platform or via email.

15. Contact Information

For security-related questions, concerns, or to report a security vulnerability, please contact us:

Email: help@stellacorearc.com

Phone: +380 71 530 4373

WhatsApp: +380 71 530 4373

Address: Yevhena Rykhlika St, 15.1, Zhytomyr, Zhytomyr Oblast, Ukraine, 10002

Security Reports: If you discover a security vulnerability, please report it responsibly by contacting us directly rather than publicly disclosing it. We appreciate your cooperation in keeping our platform secure.

This Security Policy is effective as of the last updated date shown above and applies to all users of the Stellacore Arc platform and services.