top of page

Security Policy

Last Updated: 01.01.2025

​

At GammaSigma Capital ("Company," "we," "us," or "our"), we take the security of your personal information and data very seriously. This Security Policy outlines the measures we have implemented to protect your data from unauthorized access, loss, alteration, or misuse. By accessing our website ("Website") and using our services ("Services"), you agree to abide by the terms set forth in this policy.

​

1. Data Protection and Privacy

We are committed to protecting your privacy and the confidentiality of your personal information. We collect and use your data only in accordance with our [Privacy Policy] and applicable laws.

  • Encryption: We use industry-standard encryption protocols (e.g., SSL/TLS) to ensure that any data transmitted between you and our Website is secure.

  • Secure Login: We employ secure login protocols, including multi-factor authentication (MFA), to protect your account from unauthorized access.

  • Data Storage: Your personal information is stored in encrypted databases, and we implement strong access controls to restrict unauthorized personnel from accessing your data.

2. User Authentication and Access Controls

We implement strict authentication measures to verify the identity of users accessing our systems:

  • Username and Password: We require users to create a unique and strong password. Passwords must be a minimum length of [insert number] characters and include a mix of uppercase and lowercase letters, numbers, and special characters.

  • Multi-Factor Authentication (MFA): We encourage or require the use of multi-factor authentication (MFA) for an additional layer of protection when accessing your account.

  • Account Lockouts: After multiple unsuccessful login attempts, your account may be temporarily locked to prevent brute force attacks.

3. Data Security Measures

We have implemented the following security measures to ensure that your data is protected:

  • Firewalls and Intrusion Detection Systems (IDS): Our network is protected by firewalls and intrusion detection systems to prevent unauthorized access and to monitor for suspicious activity.

  • Regular Security Audits: We conduct regular security audits and vulnerability assessments to identify and address potential weaknesses in our systems.

  • Data Backup: We perform regular backups of critical data to ensure its availability in case of a system failure or security breach.

4. Payment Information Security

For users making payments on our Website, we ensure that your payment information is handled securely:

  • Payment Card Industry Data Security Standard (PCI DSS) Compliance: We comply with PCI DSS requirements to safeguard credit card information.

  • Secure Payment Processors: We use trusted third-party payment processors who follow strict security protocols to ensure that your payment data is encrypted and securely processed.

  • Tokenization: Payment card information may be tokenized to ensure that sensitive data is not stored or exposed.

5. Protection Against Malware and Viruses

To prevent the spread of malware, viruses, and other harmful software:

  • Antivirus Protection: We use up-to-date antivirus and anti-malware software to monitor our systems and detect potential threats.

  • Software Updates: We regularly update our software, including security patches, to ensure that we are protected against known vulnerabilities.

6. Employee Training and Access Restrictions

We ensure that only authorized personnel have access to sensitive information:

  • Role-Based Access Control (RBAC): Access to sensitive data and systems is restricted based on the roles of employees and their specific responsibilities.

  • Employee Training: We provide regular security training to employees to ensure they are aware of security risks and best practices for protecting user data.

7. Incident Response and Data Breach Protocol

In the event of a security breach or data compromise, we have an incident response protocol in place:

  • Incident Detection: We monitor our systems continuously for signs of potential breaches, and we have systems in place to quickly detect unauthorized access or suspicious activities.

  • Incident Notification: If a security incident occurs that compromises your personal information, we will notify you promptly in accordance with applicable data protection laws.

  • Breach Containment: We will take immediate action to contain the breach, mitigate any potential damage, and prevent future occurrences.

8. Third-Party Services

We may use third-party services, such as payment processors and hosting providers, to support our operations. We ensure that these third parties adhere to security standards that are in line with our own security practices. However, we are not responsible for the security practices of third-party vendors.

9. Secure Communication Channels

We prioritize the confidentiality of any communication you have with us:

  • Encrypted Email: We use encrypted email services to ensure the confidentiality of sensitive information sent via email.

  • Secure Messaging Systems: Where applicable, we offer secure messaging systems for direct communication with users.

10. Security Best Practices for Users

We recommend the following security measures to protect your account and personal data:

  • Use Strong Passwords: Choose a strong, unique password and change it regularly.

  • Enable MFA: Enable multi-factor authentication (MFA) on your account to provide an extra layer of security.

  • Beware of Phishing: Do not click on suspicious links or provide personal information in response to unsolicited messages or emails.

  • Log Out After Use: Always log out of your account when finished, especially when using public or shared computers.

11. Limitations of Security

While we take extensive measures to secure our systems, no method of transmission or storage is 100% secure. We cannot guarantee the absolute security of your data, but we continually work to enhance our security practices and address emerging threats.

12. Changes to Security Policy

We may update this Security Policy from time to time. Any changes will be communicated through updates to the policy, and the "Last Updated" date at the top of this page will be revised. We encourage you to periodically review this policy to stay informed about our security practices.

13. Contact Us

If you have any questions or concerns about our Security Policy or the security of your data, please contact us at:

GammaSigma Capital


contact@gammasigmacapital.com

bottom of page