1. GENERAL PROVISIONS
This Security Policy defines the core principles and measures designed to ensure the protection of user data of the safeclouds.space service (hereinafter referred to as the “Service”). We strive to guarantee the confidentiality, integrity, and availability of the information entrusted to us by our users.
This Policy applies to all data processing, storage, and transmission processes, as well as to all employees, contractors, and partners who have access to the Service’s infrastructure.
2. DATA ENCRYPTION
To protect user files from unauthorised access, we employ modern cryptographic algorithms:
Encryption in transit – all data exchange channels between your device and our servers are secured using the TLS protocol with up‑to‑date cryptographically strong ciphers.
Encryption at rest – all files uploaded to the Service are stored in an encrypted form on disk arrays. We use the AES‑256 standard, which is recognised as one of the most reliable in the industry.
Encryption keys are managed separately from the data itself, which prevents their compromise even in the event of unauthorised access to physical media.
3. ACCESS MANAGEMENT AND IDENTIFICATION
We implement a multi‑level access control system so that each user has access only to the data they are permitted to see:
Unique user accounts – each user is assigned an individual identifier. Shared or guest accounts are not used.
Multi‑Factor Authentication (MFA) – for additional account protection, we strongly recommend and support the use of two‑factor authentication.
Role‑Based Access Control (RBAC) – permissions for files, folders, and workspaces can be flexibly configured according to the user’s role (owner, editor, viewer, etc.).
Password policy – we enforce password complexity requirements (at least 8 characters, including upper and lower case letters, digits, and special characters), as well as regular password changes for critical accounts.
4. PROTECTION AGAINST NETWORK ATTACKS AND MALWARE
The Service’s infrastructure is protected by a comprehensive set of network and application‑level security measures:
Content Security Policy (CSP) – we have configured a content security policy that prevents cross‑site scripting (XSS) and other code injection attacks.
Uploaded file filtering – we validate file types and extensions, and also scan for malicious code before saving files on the server.
DDoS protection – specialised tools are used to detect and block anomalous traffic.
Regular software updates – all components of the server infrastructure are updated in a timely manner to address known vulnerabilities.
5. BACKUP AND RECOVERY
We guarantee the safety of your data even in emergency situations:
Regular creation of backup copies of all user data on geographically distributed sites.
Use of immutable backups – backup copies cannot be deleted, encrypted, or altered within a specified retention period.
We have developed and regularly test Disaster Recovery Plans to minimise downtime in the event of failures and incidents.
6. INCIDENT MANAGEMENT AND RESPONSE
When a security threat or incident is detected, we act promptly and transparently:
24/7 monitoring – logging and event analysis systems operate around the clock, recording all suspicious activities.
Internal audits – we regularly conduct security assessments and vulnerability scans.
Response plan – we have defined procedures for data breaches, hacking, or other critical situations. Users will be notified of any serious incidents in accordance with the law.
Root cause analysis – after each incident, we conduct an investigation to eliminate underlying causes and prevent recurrence.
7. COMPLIANCE WITH REGULATORY REQUIREMENTS
We strive to comply with both international and Russian security standards:
Personal data processing is carried out in accordance with the requirements of Federal Law No. 152‑FZ (on personal data).
We have implemented organisational and technical measures recommended for compliance with GDPR in terms of data protection and privacy.
The Privacy Policy and Terms of Use of the Service are developed with consideration of current regulations and are regularly reviewed.
8. USER RESPONSIBILITIES
Security is a shared responsibility. We ask our users to:
Use strong passwords and not share them with third parties.
Enable two‑factor authentication to protect their account.
Immediately report any suspicious activity or discovered vulnerabilities through the Service’s contact channels.
Comply with the Service’s usage rules and refrain from uploading files that violate the law.
9. CONTACTS
For any security‑related questions, you may reach out to us at:
Technical support: support@safeclouds.space
We are open to dialogue and appreciate your vigilance. Together, we will make safeclouds.space a truly secure space for your files.