Security Policy
Last Updated: June 19, 2025
Pernokid ("we," "us," or "our") is committed to protecting the security of our platform and the data entrusted to us by our users. This Security Policy describes the technical and organizational measures we implement to safeguard our systems, services, and your information when you use reutars.pro.
1. Scope
This policy applies to all systems, infrastructure, applications, and processes operated by Pernokid, including our website, online learning platform, and any related services. It covers data in transit, data at rest, and all access points through which users interact with our services.
2. Data Encryption
2.1 Data in Transit
All data transmitted between your browser and our servers is encrypted using Transport Layer Security (TLS). We enforce a minimum of TLS 1.2 across all endpoints and redirect unencrypted HTTP connections to HTTPS automatically.
2.2 Data at Rest
Sensitive data stored on our servers and databases is encrypted using industry-standard encryption algorithms. Encryption keys are managed with strict access controls and rotated on a defined schedule.
3. Access Controls
3.1 Internal Access
Access to production systems and user data is restricted to authorized personnel only. We apply the principle of least privilege, granting each team member access only to the systems and data necessary for their role.
3.2 Authentication
Internal accounts with access to sensitive systems require strong passwords and multi-factor authentication (MFA). Authentication credentials are never shared between individuals.
3.3 User Accounts
User accounts on our platform are protected through password hashing using recognized cryptographic functions. Users are encouraged to choose strong, unique passwords and to enable any available account security features.
4. Infrastructure Security
Our infrastructure is hosted with reputable cloud service providers that maintain recognized security certifications. We apply the following measures to protect our infrastructure:
- Network segmentation to isolate sensitive systems
- Firewalls and network-level access restrictions
- Regular patching and updates to operating systems, software dependencies, and third-party libraries
- Intrusion detection and monitoring on critical systems
- Restricted administrative access through hardened configurations
5. Application Security
5.1 Secure Development Practices
Our development team follows secure coding guidelines throughout the software development lifecycle. Security considerations are integrated into design, development, and deployment stages.
5.2 Vulnerability Management
We conduct regular reviews of our codebase and dependencies to identify and remediate known vulnerabilities. Third-party components are monitored for disclosed security issues and updated promptly.
5.3 Testing
Security testing, including code review and vulnerability assessments, is performed on a recurring basis. Critical changes to the platform undergo additional security review before deployment.
6. Monitoring and Logging
We maintain logs of access and activity across our systems to support security monitoring, incident investigation, and anomaly detection. Logs are stored securely and reviewed on a regular basis. Automated alerting is in place for unusual or suspicious activity patterns.
7. Incident Response
We maintain an incident response plan to address security events in a timely and organized manner. In the event of a confirmed security incident that affects user data, we will:
- Investigate and contain the incident promptly
- Assess the scope and impact of the event
- Notify affected users as appropriate and in accordance with applicable obligations
- Take corrective action to prevent recurrence
- Document lessons learned and update security controls accordingly
8. Data Backup and Recovery
We perform regular automated backups of critical data and systems. Backups are encrypted and stored in a manner that allows recovery in the event of data loss or system failure. Recovery procedures are tested periodically to verify their effectiveness.
9. Third-Party Services
We engage third-party service providers to support certain aspects of our platform, such as payment processing, analytics, and infrastructure hosting. We evaluate third parties on their security practices and limit the data shared with them to what is necessary. Third parties with access to user data are required to handle it securely and in accordance with agreed terms.
10. Physical Security
Our platform operates in cloud environments managed by established providers with robust physical security controls, including access restrictions to data centers, environmental safeguards, and continuous on-site monitoring. We do not operate our own physical data center facilities.
11. Employee Security Practices
Team members with access to systems or user data are informed of their security responsibilities. Access is revoked promptly upon termination of employment or change in role. We maintain internal guidelines on acceptable use, data handling, and secure behavior.
12. Responsible Disclosure
If you believe you have discovered a security vulnerability in our platform, we encourage you to report it to us responsibly. Please contact us at help@reutars.pro with a description of the issue. We will review all reports and respond as promptly as possible. We ask that you refrain from exploiting any vulnerability or disclosing it publicly before we have had a reasonable opportunity to investigate and address it.
13. Changes to This Policy
We may update this Security Policy from time to time to reflect changes in our practices, technologies, or applicable requirements. When we make material changes, we will update the date at the top of this page. We encourage you to review this policy periodically.
14. Contact Us
If you have questions or concerns about this Security Policy or our security practices, please contact us:
Pernokid
817A King St #203, Alexandria, VA 22314, United States
Phone: +1 701 799 5654
Email: help@reutars.pro
Website: reutars.pro