Information Security Policy
- Document ID
- APL-SEC-001
- Version
- 1.0
- Effective Date
- 29 June 2026
- Last Updated
- 29 June 2026
- Owner
- Aionpixel Technologies Private Limited
Aionpixel Information Security
- Scope
- Our Security Principles
- Security Governance
- Protecting Customer Information
- Secure Product Development
- Cloud and Infrastructure Security
- Security Monitoring and Incident Response
- Customer Responsibilities
- Third-Party Service Providers
- Compliance and Continuous Improvement
- Reporting Security Concerns
- Related Documents
At Aionpixel Technologies Private Limited ("Aionpixel", "we", "our", or "us"), information security is a fundamental part of how we design, develop, deliver, and support our software products and digital services.
Our customers entrust us with information that is important to their organisations, employees, students, parents, and other stakeholders. We recognise this responsibility and are committed to implementing appropriate administrative, technical, and organisational measures to protect the confidentiality, integrity, and availability of the information processed through our platforms.
This Information Security Statement provides an overview of our approach to protecting information and maintaining the security of our services.
2. Scope
This Statement applies to Aionpixel's:
- Corporate operations.
- Corporate website.
- Cloud-based software products.
- Mobile applications.
- Web applications.
- APIs and integrations.
- Supporting technology infrastructure.
- Internal operational systems related to the delivery and support of our products.
Individual products may publish additional security documentation that supplements this Statement.
3. Our Security Principles
Our security programme is guided by the following principles:
Security by Design
Security considerations are incorporated throughout the software development lifecycle rather than being added after deployment.
Privacy by Design
Privacy requirements are considered during product design, development, testing, and operational processes.
Defence in Depth
We implement multiple layers of administrative, technical, and operational controls to reduce the likelihood and impact of security incidents.
Least Privilege
Access to systems and information is granted only to authorised individuals based on business need and the principle of least privilege.
Continuous Improvement
Our security practices evolve in response to technological developments, emerging threats, customer feedback, and applicable regulatory requirements.
4. Security Governance
Information security is supported through a governance framework that includes:
- Security policies and standards.
- Access management processes.
- Secure software development practices.
- Change management procedures.
- Security monitoring.
- Incident response procedures.
- Risk management activities.
- Vendor and third-party assessments.
- Periodic review of security controls.
Responsibilities for information security are shared across leadership, engineering, operations, customer support, and authorised personnel.
5. Protecting Customer Information
We implement safeguards designed to protect customer information throughout its lifecycle. These safeguards may include:
- Role-based access controls.
- Secure authentication mechanisms.
- Encryption technologies where appropriate.
- Audit logging.
- Network security controls.
- Secure backup procedures.
- Security monitoring.
- Controlled administrative access.
The specific controls implemented may vary depending on the product, deployment model, contractual requirements, and applicable regulations.
6. Secure Product Development
Our engineering teams strive to incorporate secure development practices throughout the product lifecycle, including:
- Secure architecture reviews.
- Code reviews.
- Input validation.
- Authentication and authorisation controls.
- Secure API design.
- Dependency management.
- Security testing.
- Controlled software release processes.
Security considerations are integrated into product development from design through deployment.
7. Cloud and Infrastructure Security
Our cloud infrastructure is designed to support secure, reliable, and resilient operation of our services. Infrastructure security practices may include:
- Secure network architecture.
- Firewalls and network protections.
- Access management.
- Monitoring and logging.
- Backup and recovery capabilities.
- Configuration management.
- High availability measures where appropriate.
Infrastructure is reviewed periodically to maintain operational resilience and support evolving business requirements.
8. Security Monitoring and Incident Response
We maintain processes for identifying, investigating, and responding to security events. Our incident response approach includes:
- Detection.
- Assessment.
- Containment.
- Investigation.
- Recovery.
- Corrective actions.
- Post-incident review.
Where applicable, customers will be informed of confirmed security incidents affecting their information in accordance with contractual obligations and applicable law.
9. Customer Responsibilities
Information security is a shared responsibility. Customers can help protect their information by:
- Managing user accounts appropriately.
- Assigning permissions based on job responsibilities.
- Using strong passwords.
- Enabling multi-factor authentication where supported.
- Keeping devices updated.
- Reporting suspected security concerns promptly.
- Following organisational security policies.
10. Third-Party Service Providers
Aionpixel may engage carefully selected third-party service providers to support the delivery of our products and services. Where appropriate, service providers are expected to maintain security measures consistent with the nature of the services they provide and are subject to contractual obligations relating to confidentiality and information protection.
11. Compliance and Continuous Improvement
We regularly review our information security programme to:
- Improve operational resilience.
- Address emerging cybersecurity risks.
- Enhance security capabilities.
- Support customer expectations.
- Align with evolving legal, regulatory, and industry requirements.
Security is an ongoing process, and we remain committed to continuously strengthening our practices.
12. Reporting Security Concerns
If you believe you have identified a security issue relating to Aionpixel's website, products, or services, please contact us promptly.
Aionpixel Technologies Private Limited
security@aionpixel.comPlease include sufficient information to help us understand and investigate the issue. We request that security concerns are reported responsibly and that you refrain from exploiting any suspected vulnerability.
13. Related Documents
This Statement should be read together with:
- Corporate Privacy Policy
- Website Terms of Use
- Cookie Policy
- Product-specific Privacy Notices
- Product-specific Terms of Service (where applicable)
Version History
| Version | Date | Description |
|---|---|---|
| 1.0 | 29th June 2026 | Initial Release |