Security Measures

Last Updated: 10.11.2025

At Jurex.AI, we take the protection of user data, digital content, and system integrity with the utmost seriousness.

We maintain a comprehensive framework of technical and organizational security controls designed to safeguard all information processed through our platform, prevent unauthorized access, and ensure data continuity.

Below are the key measures implemented by Jurex.AI:

5.1. Encryption

All data transmitted between users and Jurex.AI servers is secured using industry-standard HTTPS/TLS (Transport Layer Security) encryption protocols.

This ensures that all communication — including login details, templates, and payment transactions — remains encrypted and protected against interception or tampering.

Sensitive data stored within our systems, such as user credentials or payment identifiers, is hashed and/or encrypted at rest using strong encryption standards (e.g., AES-256).

Encryption keys are securely managed and rotated periodically in accordance with internal security policies.

5.2. Access Control

Access to all internal systems, databases, and user information is strictly controlled and role-based.

Only authorized personnel with a defined business need have access to specific systems or data.

All employees and contractors are bound by confidentiality and data protection agreements.

Multi-factor authentication (MFA) is enforced for all privileged administrative accounts.

Access logs are continuously monitored and reviewed to detect unauthorized activities or anomalies.

5.3. Data Backups & Business Continuity

Jurex.AI performs regular encrypted backups of critical systems and databases to ensure service continuity and data recoverability.

Backups are stored in geographically distributed, secure data centers.

Backups undergo periodic restoration testing to verify integrity and reliability.

In the event of data loss or system failure, disaster recovery procedures allow for the restoration of essential services within a defined Recovery Time Objective (RTO).

5.4. Vulnerability Management

We maintain an active vulnerability management and patching program to safeguard the platform from known threats and exploits.

Regular security scans, penetration tests, and code reviews are conducted by internal teams and third-party specialists.

Identified vulnerabilities are prioritized and remediated according to severity and impact.

All system dependencies and libraries are monitored for security advisories, and patches are applied promptly.

A secure development lifecycle (SDLC) framework is followed for new feature releases to prevent security regression.

5.5. User Responsibility

Security is a shared responsibility between Jurex.AI and its users.

To help maintain account integrity and data accuracy, users are required to:

Keep their login credentials, passwords, and API keys confidential and not share them with others.

Use strong, unique passwords and enable two-factor authentication (if available).

Review and verify the correctness of data they upload, generate, or store within the platform.

Notify Jurex.AI immediately if they suspect unauthorized access or unusual account activity.

Failure to adhere to basic account security practices may limit Jurex.AI’s ability to assist in the event of compromise.

5.6. Incident Response & Breach Notification

Jurex.AI has an established Incident Response Plan (IRP) to address security events effectively and transparently.

All incidents are logged, assessed, and managed by our security and compliance teams.

Immediate containment, investigation, and remediation steps are taken to minimize impact.

In the event that a personal data breach is identified, affected users and relevant authorities will be notified within 72 hours, in accordance with applicable data protection laws (such as GDPR or PDPA).

Post-incident reviews are conducted to strengthen controls and prevent recurrence.

5.7. Continuous Monitoring & Improvement

Security at Jurex.AI is not a one-time activity but a continuous process.

Our systems are continuously monitored for suspicious activities, failed logins, or anomalies.

We actively track emerging security threats, industry advisories, and best practices.

Policies and procedures are reviewed regularly to ensure ongoing compliance and relevance.

5.8. Compliance and Audits

Jurex.AI’s security practices are aligned with recognized industry frameworks and data protection standards.

Periodic internal audits are conducted to validate compliance with security and privacy requirements.

External audits or third-party assessments may be performed to validate the robustness of our information security controls.