Security

Nipux uses layered controls across infrastructure, application, and operational workflows to protect customer data and maintain service reliability.

Security policies and internal procedures are reviewed regularly to align with evolving threats and system changes.

Data is encrypted in transit using TLS and protected at rest by managed cloud provider controls. Access to production systems is restricted by role and business need.

Secrets and credentials are managed through secured configuration workflows and are not exposed in client applications.

Administrative access requires authenticated identities, least-privilege permissions, and auditability of key operational actions.

We monitor platform health and security signals to detect suspicious behavior and respond to incidents quickly.

Nipux maintains an incident response process for triage, containment, remediation, and follow-up review when security events occur.

If an incident materially affects customer data, impacted users are notified in line with legal and contractual obligations.

If you identify a potential vulnerability, contact security@nipux.com with reproduction details. Please do not exploit vulnerabilities or access user data.

We investigate reports promptly and coordinate remediation based on severity and impact.