Legal policy

Information Security Policy

Security commitments for DurujScore systems, data, integrations, and operations.

Plain-language public reference. Last updated June 2026. Institution contracts, regulator instructions, and applicable law may impose additional requirements.

Privacy CA Privacy Terms Data Preferences NBE Compliance

Security controls

Encryption at rest and in transit.
Role-based access control, multi-factor authentication, audit logging, and continuous monitoring.
Backup and recovery, incident response, vulnerability management, and penetration testing.
Least-privilege access for staff, institutions, API clients, and service providers.

Compliance contact

For privacy, data-subject, institutional compliance, or regulator requests, contact compliance@duruj.io.