Data Security

DarzioTech is built on a defence-in-depth architecture. Every layer of the stack — network, application, database, and client — implements independent security controls so that no single failure compromises your data.

The platform enforces HTTPS-only access with HSTS headers, content security policies, and strict CORS controls. All API endpoints are rate-limited to prevent abuse.

All data in DarzioTech is encrypted at every stage — in transit and at rest.

DarzioTech enforces strict multi-tenant isolation — every database query is scoped to your tenant ID. It is architecturally impossible for one shop's data to leak into another's.

Within your account, role-based access control (RBAC) lets you assign staff to Owner, Manager, or Staff roles, each with precisely scoped permissions.

DarzioTech is hosted on infrastructure located within India, complying with Indian data localization requirements. Servers are deployed behind a firewall with SSH key-only access and no exposed management ports.

Automated daily backups are encrypted and stored in a geographically separate location within India. Point-in-time recovery is available for the last 30 days.

We maintain a continuous patching schedule for all server OS packages, language runtimes, and dependencies. Critical CVEs are patched within 24 hours of disclosure.

Our codebase undergoes regular internal security reviews covering OWASP Top 10 vulnerabilities including SQL injection, XSS, CSRF, and insecure deserialization.

In the event of a confirmed security incident affecting your data, we will notify affected users within 72 hours of detection via email, in accordance with CERT-In guidelines.

Notifications will include: nature of the incident, data affected, steps taken to contain it, and recommendations for your account.

Security is a shared responsibility. While DarzioTech secures the platform infrastructure, you are responsible for the security of your account credentials and the devices used to access DarzioTech.