Security & Trust

Your data security and privacy are our top priorities. Learn about our comprehensive security measures.

Last updated: January 15, 2025

Our Security Commitment

At Bazman, we understand that trust is earned through transparency and action. We've implemented enterprise-grade security measures to protect your sensitive scheduling data and communications.

Our security program is designed around industry best practices and compliance standards, ensuring your data remains confidential, secure, and available when you need it.

Data Encryption & Protection

Encryption in Transit

  • TLS 1.3 encryption for all data transmissions
  • HTTPS enforced across all connections
  • End-to-end encryption for WhatsApp communications
  • Certificate pinning to prevent man-in-the-middle attacks

Encryption at Rest

  • AES-256 encryption for stored data
  • Database-level encryption with rotating keys
  • Encrypted backups with separate key management
  • Secure file storage with access controls

Infrastructure & Network Security

Cloud Infrastructure

  • AWS/GCP enterprise-grade hosting
  • ISO 27001 and SOC 2 compliant data centers
  • Geographic data replication
  • DDoS protection and mitigation

Network Protection

  • Web Application Firewalls (WAF)
  • Intrusion detection systems
  • Network segmentation and isolation
  • Real-time threat monitoring

Access Control & Authentication

Multi-Factor Authentication

We require MFA for all administrative access and encourage it for all user accounts to add an extra layer of security.

Principle of Least Privilege

  • Role-based access control (RBAC) for all systems
  • Regular access reviews and deprovisioning
  • Temporary elevated access with automatic expiry
  • Segregation of duties for critical operations

Monitoring & Incident Response

24/7 Security Monitoring

  • Real-time security event monitoring and alerting
  • Automated threat detection and response
  • Security information and event management (SIEM)
  • Continuous vulnerability scanning

Incident Response Plan

  • Dedicated security response team
  • Defined escalation procedures
  • Customer notification protocols
  • Post-incident analysis and improvement

Data Privacy & Compliance

Privacy by Design

We implement privacy protection throughout our entire system design and development process.

Compliance Standards

  • GDPR (General Data Protection Regulation)
  • CCPA (California Consumer Privacy Act)
  • SOC 2 Type II certification
  • ISO 27001 information security

Data Handling

  • Data minimization principles
  • Automated data retention policies
  • Secure data deletion procedures
  • Cross-border data transfer protections

Security Best Practices for Users

While we secure our infrastructure, you can help protect your account:

  • Use strong, unique passwords
  • Enable two-factor authentication
  • Keep your devices updated
  • Be cautious with public Wi-Fi
  • Log out when finished
  • Report suspicious activity
  • Review account activity regularly
  • Don't share login credentials

Security Concerns or Questions?

If you discover a security vulnerability or have security-related questions, please contact our security team.

Security Email: security@bazman.ai

Bug Bounty: security@bazman.ai

We appreciate responsible disclosure and will respond to security reports within 24 hours.