Security Overview

1. Security Program

We maintain administrative, technical, and organizational safeguards designed to protect confidentiality, integrity, and availability of customer data.

2. Core Controls

• Encryption in transit via TLS and encryption at rest where supported
• Access controls, least-privilege permissions, and authentication safeguards
• Centralized logging, monitoring, and incident response processes
• Secure development lifecycle and dependency management practices
• Operational backup and recovery procedures

3. Incident Handling

We follow incident response procedures for detection, containment, investigation, remediation, and communication. Where legally required, affected customers are notified without undue delay.

4. Responsible Disclosure

If you discover a potential security vulnerability, emailsecurity@losthills.co. Do not attempt destructive testing, privacy-invasive actions, or service disruption.