Security Policy
Transparent reporting on how we safeguard your high-value asset data and privacy through multi-layer technical protection.
1. Security Overview
At Credence Strategies, technical and organizational security is a core pillar of our commitment to NRI and HNI clients. We employ institutional-grade security protocols to ensure your asset data and personal information remain protected against unauthorized access, disclosure, or alteration.
2. Encryption Standards
We protection your data both in transit and at rest:
Data in Transit
All communications between your browser and our servers are encrypted using 256-bit SSL/TLS encryption.
Data at Rest
Sensitive information in our databases is encrypted using industry-standard AES-256 algorithms.
3. Data Residency & Infrastructure
In compliance with Indian regulatory requirements, including the DPDP Act 2023, all personal and financial data is stored on secure servers located within India.
- Highly available, Tier-IV data center architecture
- Multi-zone redundancy for disaster recovery
- Continuous monitoring and automated DDoS protection
- Regular automated backups with off-site replication
4. Access Controls
Access to client data is strictly regulated through a "Principle of Least Privilege" framework:
5. Vulnerability Management
We proactively identify and mitigate risks through continuous testing:
Internal Audits
Weekly automated vulnerability scans of our software and network perimeter.
External Penetration Testing
Annual security assessments conducted by certified third-party cybersecurity firms.
6. Responsible Disclosure
Security Inquiries
If you believe you have discovered a security vulnerability or have questions about our security practices, please contact our security team immediately:
We will acknowledge all reports within 24 hours.
Last Audit: April 2026
"Security is not a feature, it is our foundation."