Security Policy

Last Updated: March 18, 2026

At Odalir, we are committed to protecting the security and integrity of your information. This Security Policy outlines the measures we implement to safeguard data and maintain a secure environment for our users.

Information Security Framework

We maintain a comprehensive information security program designed to protect the confidentiality, integrity, and availability of all data processed through our platform. Our security framework is built on industry-recognized standards and continuously updated to address emerging threats.

Data Protection Measures

Encryption

All data transmitted between your device and our servers is encrypted using industry-standard protocols. We employ TLS 1.2 or higher for data in transit and AES-256 encryption for sensitive data at rest.

Access Controls

We implement strict access control measures to ensure that only authorized personnel can access sensitive information. This includes:

Role-based access control limiting data access to employees who require it for their job functions

Multi-factor authentication for administrative access to systems and databases

Regular review and audit of access privileges

Immediate revocation of access upon termination of employment or change in job responsibilities

Infrastructure Security

Our infrastructure is hosted with reputable cloud service providers who maintain security certifications and compliance with international standards. We utilize firewalls, intrusion detection systems, and regular security monitoring to protect against unauthorized access and malicious activity.

Application Security

We follow secure development practices throughout our software development lifecycle, including:

Regular security testing and code reviews

Vulnerability scanning and penetration testing

Prompt patching of identified security vulnerabilities

Secure configuration management

Input validation and output encoding to prevent common web application vulnerabilities

Data Backup and Recovery

We maintain regular backups of all critical data to ensure business continuity and data recovery capability. Backups are encrypted, stored securely in geographically distributed locations, and tested regularly to verify restoration procedures.

Incident Response

We maintain a documented incident response plan to address potential security breaches or data incidents. In the event of a security incident that affects your data, we will:

Promptly investigate and contain the incident

Assess the scope and impact of the incident

Notify affected users in accordance with applicable legal requirements

Take corrective actions to prevent similar incidents

Document lessons learned and update security controls as necessary

Employee Security

All employees and contractors with access to user data undergo background checks where legally permissible. We provide regular security awareness training to ensure our team understands their responsibilities in protecting your information.

Third-Party Security

We carefully select and monitor third-party service providers who process data on our behalf. All such providers must demonstrate appropriate security measures and sign data protection agreements ensuring they handle information securely and in compliance with our standards.

Physical Security

Our offices and facilities where data may be accessed implement physical security controls including access card systems, security cameras, and visitor management procedures. Data centers utilized by our hosting providers maintain industry-standard physical security measures including 24/7 monitoring, biometric access controls, and environmental controls.

Monitoring and Logging

We maintain comprehensive logging and monitoring systems to detect suspicious activity and security incidents. Logs are retained for an appropriate period and regularly reviewed for anomalies. Access to logs is restricted to authorized security and operations personnel.

Vulnerability Management

We conduct regular security assessments and vulnerability scans of our systems and applications. Identified vulnerabilities are prioritized based on risk and remediated according to our established timelines. Critical vulnerabilities are addressed immediately.

Security Certifications and Compliance

We work toward maintaining compliance with recognized security standards and frameworks. Our security practices are designed to meet requirements for protecting sensitive information and maintaining user trust.

User Responsibilities

While we implement robust security measures, security is a shared responsibility. Users should:

Choose strong, unique passwords and change them regularly

Enable multi-factor authentication when available

Keep login credentials confidential and not share accounts

Log out of accounts when using shared devices

Keep software and devices updated with latest security patches

Report suspicious activity or potential security issues immediately

Reporting Security Concerns

If you discover a security vulnerability or have security concerns regarding our services, please report them immediately to our security team at support@odalir.com. We appreciate responsible disclosure and will work with you to address legitimate security issues promptly.

Updates to This Policy

We may update this Security Policy periodically to reflect changes in our security practices or legal requirements. The date of the last update is indicated at the top of this policy. We encourage you to review this policy regularly to stay informed about how we protect your information.

Contact Information

For questions or concerns regarding our security practices, please contact us:

Email: support@odalir.com

Phone: +380636282757

Address: Sumhaitska St, 17, Cherkasy, Cherkasy Oblast, Ukraine, 18000