DevGruha

Security Policy

Last Updated: 1 June 2026

At DevGruha, we take the security of our platform, services, and user data extremely seriously.

DevGruha Tech Solution LLP ("DevGruha", "Company", "We", "Us", "Our") implements state-of-the-art administrative, technical, and physical safeguards to protect all information collected, stored, or processed on our spiritual ecosystem Platform.

1. Data Security & Encryption

We utilize industry-standard cryptographic techniques to safeguard your data at every stage of its lifecycle:

  • Data in Transit: All data transmitted between your device and our servers is encrypted using Secure Socket Layer (SSL) and Transport Layer Security (TLS 1.2 or higher).
  • Data at Rest: Sensitive databases, user credentials, and files are encrypted using Advanced Encryption Standard (AES-256) at the storage tier.

2. Cloud & Infrastructure Security

Our services are hosted on robust, secure cloud infrastructure operated by leading global providers. Key infrastructure security practices include:

  • Multi-layered firewalls and network isolation (VPC) to restrict unauthorized backend traffic.
  • Distributed Denial of Service (DDoS) protection layers to ensure continuous service availability.
  • Continuous real-time server monitoring, threat logging, and intrusion detection systems.

3. Application Security & Access Control

We implement rigid security controls over application features and internal operations:

  • Identity Management: Passwords and credentials are salted and hashed using modern hashing algorithms. We support and recommend secure Multi-Factor Authentication (MFA).
  • Internal Operations: Access to customer data is strictly limited to authorized personnel using the principle of least privilege, guarded by strong authentication systems.
  • Payment Security: All payments are routed directly through secure, PCI-DSS compliant third-party gateways. We do not store complete banking or card credentials.

4. Security Audits & Monitoring

Our engineering teams regularly test and audit the platform for flaws, including:

  • Automated static and dynamic code analysis during continuous integration and development pipelines.
  • Periodic vulnerability assessments and system patch management to address newly discovered hardware or OS vulnerabilities.

5. Vulnerability Disclosure Policy

We appreciate the help of security researchers who help protect the DevGruha ecosystem. If you discover a potential vulnerability, we invite you to report it to us responsibly:

  • Email your findings directly to namastey@devgruha.com with detailed reproduction steps.
  • Give us reasonable time to investigate and patch the issue before making it public.
  • Do not attempt to access, modify, or destroy user data, or perform physical, social engineering, or DDoS attacks against our systems.

If these guidelines are followed, we promise to validate the issue promptly and will not seek legal action against the reporter.

6. Contact Information

For general security inquiries, concerns, or reporting potential threats, please reach out to our security team:

DevGruha Tech Solution LLP

Email: namastey@devgruha.com

Website: www.devgruha.com

By continuing to use DevGruha, you acknowledge and support our Security Policy.