Institutional-Grade Security

Security Policy

Transparent reporting on how we safeguard your high-value asset data and privacy through multi-layer technical protection.

1. Security Overview

At Credence Strategies, technical and organizational security is a core pillar of our commitment to NRI and HNI clients. We employ institutional-grade security protocols to ensure your asset data and personal information remain protected against unauthorized access, disclosure, or alteration.

2. Encryption Standards

We protection your data both in transit and at rest:

Data in Transit

All communications between your browser and our servers are encrypted using 256-bit SSL/TLS encryption.

Data at Rest

Sensitive information in our databases is encrypted using industry-standard AES-256 algorithms.

3. Data Residency & Infrastructure

In compliance with Indian regulatory requirements, including the DPDP Act 2023, all personal and financial data is stored on secure servers located within India.

  • Highly available, Tier-IV data center architecture
  • Multi-zone redundancy for disaster recovery
  • Continuous monitoring and automated DDoS protection
  • Regular automated backups with off-site replication

4. Access Controls

Access to client data is strictly regulated through a "Principle of Least Privilege" framework:

Role-Based Access (RBAC): Only employees who require data to perform their job functions are granted access.
Multi-Factor Authentication: MFA is mandatory for all administrative access to our production environments.
Activity Logging: All internal access to client records is logged and periodically audited for anomalies.

5. Vulnerability Management

We proactively identify and mitigate risks through continuous testing:

Internal Audits

Weekly automated vulnerability scans of our software and network perimeter.

External Penetration Testing

Annual security assessments conducted by certified third-party cybersecurity firms.

6. Responsible Disclosure

Security Inquiries

If you believe you have discovered a security vulnerability or have questions about our security practices, please contact our security team immediately:

security@thecredenc.com

We will acknowledge all reports within 24 hours.

Last Audit: April 2026

"Security is not a feature, it is our foundation."

Talk to Us