Security Policy
Introduction
This Security Policy outlines the measures Apico takes to ensure the security of sensitive information, including keys and APIs generated through our service. It also clarifies the responsibilities of our users in safeguarding this information.
Storage of Sensitive Keys
- We prioritize the security of sensitive keys created through our service.
- All sensitive keys are stored in a well-encrypted format, using industry-standard encryption methods to ensure their confidentiality and integrity.
- Regular audits and updates to our encryption practices are conducted to maintain high security standards.
API Security
- APIs containing sensitive information must be kept confidential and away from unauthorized parties.
- Users are responsible for treating such APIs as secret, particularly if no additional access restrictions are set by the user.
- It is recommended that users implement appropriate access controls and monitor the usage of these APIs to prevent unauthorized access.
User Responsibility and Liability
- When users grant access to Apico to create APIs for their application via their account, they bear the responsibility for the secure management of these APIs.
- Apico is not responsible for any misuse, unauthorized access, or damage resulting from the public publishing, distribution, or provision of access to these APIs to unauthorized parties.
- Users are strongly advised to implement and adhere to stringent security practices, including but not limited to:
- Regularly reviewing and updating access permissions.
- Monitoring the usage of the APIs to detect any unauthorized or suspicious activities.
- Implementing additional layers of security, such as two-factor authentication, where possible.
Reporting Security Issues
- Users are encouraged to report any security issues or vulnerabilities they discover in relation to the APIs or keys provided by Apico.
- Reports can be made via our dedicated security contact channel at swinkdev.api@gmail.com.
Policy Review and Updates
- This Security Policy will be periodically reviewed and updated to reflect the evolving security landscape and our commitment to the best security practices.
- Users will be notified of significant changes to the policy.
Contact Information
For any questions or concerns about this Security Policy, please contact us at swinkdev.api@gmail.com.