Security Policy

Effective Date: July 8, 2026

DigiVerse Security Policy

At DigiVerse, protecting the confidentiality, integrity, and availability of customer information is one of our highest priorities.

This Security Policy explains the technical, organizational, and administrative measures implemented by DigiRich ("DigiVerse", "we", "our", or "us") to help protect the DigiVerse Platform, customer data, and related services.

This Policy should be read together with our Privacy Policy, Terms & Conditions, Data Processing Agreement (DPA), Acceptable Use Policy (AUP), and other applicable legal policies.

1. Introduction

DigiVerse is committed to maintaining a secure platform that helps protect customer information, business operations, and connected services from unauthorized access, misuse, disclosure, or disruption.

Security is incorporated throughout the design, development, deployment, and day-to-day operation of the DigiVerse Platform.

2. Our Security Commitment

DigiVerse is committed to:

  • Protecting customer information.
  • Maintaining secure platform operations.
  • Continuously improving our security practices.
  • Reducing cybersecurity risks.
  • Responding promptly to security incidents.
  • Complying with applicable legal and contractual obligations.

Security is treated as an ongoing process involving technology, operational controls, employee awareness, and continuous improvement.

3. Security Objectives

Our security program is designed to help ensure:

  • Confidentiality of customer information.
  • Integrity of business and platform data.
  • Availability of DigiVerse services.
  • Protection against unauthorized access.
  • Secure communication.
  • Business continuity.
  • Operational resilience.

4. Infrastructure Security

DigiVerse operates on professionally managed cloud infrastructure designed to provide secure, reliable, and scalable services.

Security measures may include:

  • Secure cloud environments.
  • Firewall protection.
  • Network segmentation where appropriate.
  • Secure server configuration.
  • Infrastructure monitoring.
  • Access logging.
  • Regular security updates.
  • Patch management.

Infrastructure providers may vary depending on operational, technical, or business requirements.

5. Data Encryption

To help protect customer information, DigiVerse uses appropriate encryption technologies where applicable.

Data in Transit

Communications between users and DigiVerse are protected using encrypted HTTPS connections with TLS (Transport Layer Security) where supported.

Data at Rest

Where applicable, stored customer data may be protected using encryption mechanisms supported by our hosting infrastructure and trusted service providers.

6. Authentication & Access Control

DigiVerse implements authentication and access controls designed to limit access to authorized users only.

Security measures may include:

  • Secure authentication.
  • Password protection.
  • Session management.
  • Role-based permissions.
  • Account verification.
  • Login monitoring.
  • Access restrictions based on assigned user roles.

Customers remain responsible for maintaining the confidentiality of their login credentials and ensuring that unauthorized persons do not gain access to their accounts.

7. Role-Based Access

DigiVerse supports role-based access controls to help organizations manage permissions securely.

Depending on your organization's configuration, users may be granted access only to the information and features necessary for their assigned responsibilities.

Example user roles may include:

  • Owner
  • Administrator
  • Manager
  • Marketing Executive
  • Sales Executive
  • Human Resources (HR)
  • Support Staff
  • Read-Only User

Organizations are responsible for assigning appropriate permissions and reviewing user access regularly.

8. Password Security

Customers play an important role in protecting their DigiVerse accounts.

We encourage users to follow good password security practices, including:

  • Create strong and unique passwords.
  • Use a different password for DigiVerse than for other services.
  • Avoid sharing passwords with others.
  • Update passwords periodically.
  • Enable additional authentication methods where available.
  • Immediately change passwords if unauthorized access is suspected.

DigiRich will never request your password by email, telephone, chat, or any other unsolicited communication.

9. API Security

DigiVerse integrates with trusted third-party platforms and services through secure APIs where supported.

Examples of supported integrations may include:

  • Meta
  • Facebook
  • Instagram
  • WhatsApp Business Platform
  • Google Services
  • Artificial Intelligence (AI) Providers
  • Payment Providers
  • Email Service Providers

Access to connected services is granted only after user authorization using supported authentication methods such as OAuth or other secure authorization mechanisms.

Where supported, users may revoke connected services or permissions at any time through DigiVerse or the respective third-party platform.

10. AI Security

DigiVerse AI features are designed to process only the information reasonably necessary to generate the requested output.

Users should avoid submitting highly sensitive information unless specifically required by an approved workflow.

Examples include:

  • Passwords.
  • Payment credentials.
  • Bank account information.
  • Authentication tokens.
  • Highly confidential business secrets.
  • Other sensitive personal information not required for the intended task.

All AI-generated responses should be reviewed by users before publication, distribution, or business use.

11. Application Security

DigiVerse follows secure software development practices intended to reduce common application security risks throughout the software development lifecycle.

Security practices may include:

  • Input Validation.
  • Authentication Controls.
  • Authorization Checks.
  • Secure Session Handling.
  • Error Handling.
  • Application Logging.
  • Security Testing During Development.
  • Dependency and Library Updates.

These practices are regularly reviewed and improved as technology, security standards, and platform requirements evolve.

12. Monitoring & Threat Detection

To help maintain the security and reliability of DigiVerse, we may monitor platform activity for potential threats and operational issues.

Monitoring activities may include:

  • Login Activity.
  • Failed Authentication Attempts.
  • Suspicious Account Behaviour.
  • API Usage.
  • Network Activity.
  • Performance Anomalies.
  • System Logs.
  • Operational Events.

Monitoring is performed solely for security, fraud prevention, operational support, incident investigation, compliance, and continuous improvement of the DigiVerse Platform.

7. Role-Based Access

DigiVerse supports role-based access controls to help organizations manage permissions securely.

Depending on your organization's configuration, users may be granted access only to the information and features necessary for their assigned responsibilities.

Example user roles may include:

  • Owner
  • Administrator
  • Manager
  • Marketing Executive
  • Sales Executive
  • Human Resources (HR)
  • Support Staff
  • Read-Only User

Organizations are responsible for assigning appropriate permissions and reviewing user access regularly.

8. Password Security

Customers play an important role in protecting their DigiVerse accounts.

We encourage users to follow good password security practices, including:

  • Create strong and unique passwords.
  • Use a different password for DigiVerse than for other services.
  • Avoid sharing passwords with others.
  • Update passwords periodically.
  • Enable additional authentication methods where available.
  • Immediately change passwords if unauthorized access is suspected.

DigiRich will never request your password by email, telephone, chat, or any other unsolicited communication.

9. API Security

DigiVerse integrates with trusted third-party platforms and services through secure APIs where supported.

Examples of supported integrations may include:

  • Meta
  • Facebook
  • Instagram
  • WhatsApp Business Platform
  • Google Services
  • Artificial Intelligence (AI) Providers
  • Payment Providers
  • Email Service Providers

Access to connected services is granted only after user authorization using supported authentication methods such as OAuth or other secure authorization mechanisms.

Where supported, users may revoke connected services or permissions at any time through DigiVerse or the respective third-party platform.

10. AI Security

DigiVerse AI features are designed to process only the information reasonably necessary to generate the requested output.

Users should avoid submitting highly sensitive information unless specifically required by an approved workflow.

Examples include:

  • Passwords.
  • Payment credentials.
  • Bank account information.
  • Authentication tokens.
  • Highly confidential business secrets.
  • Other sensitive personal information not required for the intended task.

All AI-generated responses should be reviewed by users before publication, distribution, or business use.

11. Application Security

DigiVerse follows secure software development practices intended to reduce common application security risks throughout the software development lifecycle.

Security practices may include:

  • Input Validation.
  • Authentication Controls.
  • Authorization Checks.
  • Secure Session Handling.
  • Error Handling.
  • Application Logging.
  • Security Testing During Development.
  • Dependency and Library Updates.

These practices are regularly reviewed and improved as technology, security standards, and platform requirements evolve.

12. Monitoring & Threat Detection

To help maintain the security and reliability of DigiVerse, we may monitor platform activity for potential threats and operational issues.

Monitoring activities may include:

  • Login Activity.
  • Failed Authentication Attempts.
  • Suspicious Account Behaviour.
  • API Usage.
  • Network Activity.
  • Performance Anomalies.
  • System Logs.
  • Operational Events.

Monitoring is performed solely for security, fraud prevention, operational support, incident investigation, compliance, and continuous improvement of the DigiVerse Platform.

13. Data Backups

DigiVerse performs regular backup procedures designed to support business continuity, operational resilience, and disaster recovery.

Backup activities may include:

  • Scheduled automated backups.
  • Secure backup storage.
  • Redundant storage where appropriate.
  • Periodic backup verification.
  • Disaster recovery preparation.

Backup retention periods may vary depending on operational, legal, contractual, and regulatory requirements.

Although DigiVerse maintains backup procedures, customers are encouraged to maintain independent copies of business-critical information where appropriate.

14. Business Continuity & Disaster Recovery

DigiVerse maintains business continuity and disaster recovery procedures intended to reduce service disruption resulting from unexpected events.

Recovery procedures may include:

  • Backup Restoration.
  • Infrastructure Replacement.
  • Service Recovery Planning.
  • Incident Coordination.
  • Communication with Affected Customers where appropriate.

While DigiRich makes reasonable efforts to restore services promptly, actual recovery times may vary depending on the nature, scope, and severity of the incident.

15. Security Incident Response

If DigiVerse becomes aware of a confirmed security incident affecting customer information, DigiRich will take reasonable steps to:

  • Investigate the incident.
  • Contain and mitigate the issue.
  • Implement appropriate corrective actions.
  • Restore affected services where reasonably possible.
  • Notify affected customers where required by applicable law or contractual obligations.

Incident response activities are conducted according to the nature of the event, applicable legal requirements, and operational priorities.

16. Customer Responsibilities

Security is a shared responsibility between DigiRich and our customers.

Customers are encouraged to:

  • Protect account credentials.
  • Restrict account access to authorized personnel only.
  • Enable available security features.
  • Keep computers, mobile devices, and networks secure.
  • Review user permissions regularly.
  • Promptly report suspected security incidents.
  • Comply with the DigiVerse Acceptable Use Policy.

Customers are responsible for the security of their own devices, local networks, and any third-party services connected to their DigiVerse account.

17. Security Testing

DigiVerse may conduct periodic security reviews and testing to strengthen platform security and reduce potential risks.

Security testing activities may include:

  • Vulnerability Assessments.
  • Secure Code Reviews.
  • Configuration Reviews.
  • Infrastructure Security Evaluations.
  • Monitoring and Detection Improvements.

All security testing is performed in accordance with applicable laws, operational requirements, and responsible security practices.

18. Responsible Disclosure

DigiRich encourages responsible disclosure of suspected security vulnerabilities by customers, researchers, and members of the security community.

If you discover a potential security issue, please provide sufficient information to allow us to investigate and reproduce the issue where possible.

While conducting security research, you must not:

  • Exploit vulnerabilities beyond what is reasonably necessary to demonstrate the issue.
  • Access, modify, or disclose information belonging to other users.
  • Disrupt, damage, or degrade DigiVerse services.
  • Perform activities that violate applicable laws or this Security Policy.

DigiRich appreciates responsible vulnerability reporting and will investigate legitimate reports in good faith.

19. Third-Party Services

DigiVerse relies on trusted third-party providers to deliver certain infrastructure, communication, payment, Artificial Intelligence (AI), hosting, monitoring, and other platform services.

These providers may include, but are not limited to:

  • Cloud Hosting Providers
  • Payment Gateway Providers
  • Artificial Intelligence (AI) Providers
  • Email Service Providers
  • Messaging Platforms
  • Analytics Providers
  • Monitoring & Logging Services
  • Security Infrastructure Providers

While DigiRich carefully evaluates and selects trusted service providers, we are not responsible for security incidents that occur solely within third-party systems beyond our reasonable control.

Users are encouraged to review the privacy, security, and operational policies of any third-party services connected to their DigiVerse account.

20. Security Limitations

Although DigiRich implements commercially reasonable technical, organizational, and administrative safeguards, no software platform, cloud service, network, or electronic communication system can guarantee absolute security.

Accordingly, DigiRich does not warrant or guarantee that:

  • Unauthorized access will never occur.
  • Cyberattacks can always be prevented.
  • Data breaches will never happen.
  • Services will always operate without interruption.
  • Security incidents can be completely eliminated.

Users acknowledge that the use of online services involves inherent cybersecurity risks and agree that DigiRich's security obligations are based on reasonable and commercially appropriate safeguards rather than absolute guarantees.

21. Policy Updates

DigiRich may modify, update, or replace this Security Policy from time to time to reflect changes in:

  • Technology and cybersecurity practices.
  • Applicable laws and regulations.
  • Industry standards.
  • DigiVerse services and platform features.
  • Operational and business requirements.

The most current version of this Security Policy will always be published on the DigiVerse website and may also be made available within the Platform.

Your continued use of DigiVerse after updates become effective constitutes your acceptance of the revised Security Policy.

22. Contact Us

If you have any questions regarding this Security Policy or wish to report a suspected security issue, please contact us using the details below.

DigiRich

Email: support@digirich.in
Website: https://digirich.in

If your enquiry relates to a potential security vulnerability, please include where possible:

  • A clear description of the suspected issue.
  • Steps to reproduce the issue (if known).
  • Screenshots, logs, or other supporting evidence.
  • Your contact information for follow-up communication.

DigiRich appreciates responsible disclosure and will investigate legitimate reports in good faith.

23. Acceptance

By accessing or using DigiVerse, you acknowledge that you have read, understood, and agreed to this Security Policy.

You further acknowledge that maintaining a secure environment is a shared responsibility between DigiRich and its users, and that both parties should take reasonable steps to protect accounts, systems, devices, and information.

This Security Policy forms an integral part of the DigiVerse Terms & Conditions and should be read together with the Privacy Policy, Data Processing Agreement (DPA), Acceptable Use Policy (AUP), Cookie Policy, AI Usage & Responsible AI Policy, Refund & Subscription Policy, Account Deletion Policy, and any other applicable legal policies governing your use of DigiVerse.