Information Security Policy

Chromaticas is committed to protecting the security of our information assets and the data entrusted to us by our users. This Information Security Policy outlines our approach to maintaining the confidentiality, integrity, and availability of information.

Security Objectives

Our information security objectives are to:

• •Protect confidentiality: Ensure that information is accessible only to those authorized to have access.
• •Maintain integrity: Safeguard the accuracy and completeness of information and processing methods.
• •Ensure availability: Ensure that authorized users have access to information and associated assets when required.
• •Comply with regulations: Adhere to all relevant legal, regulatory, and contractual requirements.

Security Measures

We implement the following security measures:

• •Access Control: Strict access controls based on the principle of least privilege.
• •Encryption: Data encryption for sensitive information both in transit and at rest.
• •Regular Backups: Systematic backup procedures to prevent data loss.
• •Security Monitoring: Continuous monitoring for unauthorized access or suspicious activities.
• •Vulnerability Management: Regular security assessments and prompt patching of vulnerabilities.
• •Incident Response: Documented procedures for responding to security incidents.

Security Incident Reporting

If you discover a security vulnerability or believe a security incident has occurred, please contact us immediately at chromaticas0102@gmail.com.

Employee Responsibilities

All Oristarium employees and contractors are required to:

• •Comply with all information security policies and procedures
• •Protect confidential information from unauthorized access
• •Report suspected security incidents promptly
• •Participate in security awareness training

Policy Review

This Information Security Policy is reviewed annually and updated as necessary to reflect changes in technology, business requirements, or regulatory environment.