Security Policy
Our measures for data protection and information security
11. Introduction
At MEGA PROMOTING S.R.L., customer data security is our top priority. We implement measures compliant with: ISO 27001:2022 SOC 2 Type II GDPR Art. 32
22. Encryption
Data at rest: AES-256 Data in transit: TLS 1.3 Voice recordings: AES-256-GCM (end-to-end) Backups: AES-256
33. Access Control
Mandatory MFA for all employees RBAC (Role-Based Access Control) Least privilege principle Quarterly access reviews SSO available for Enterprise
44. Infrastructure
ISO 27001, SOC 2 certified data centers Next-gen firewalls, IDS/IPS 24/7 SIEM monitoring Automatic DDoS protection Multi-zone redundancy
55. Application Security
Integrated Secure SDLC Mandatory code review Automatic SAST/DAST Annual penetration testing Continuous vulnerability scanning
66. Incident Response
Complete plan: Detection → Analysis → Containment → Eradication → Recovery → Lessons learned Notifications per GDPR Art. 33-34 within 72 hours.
77. Vulnerability Reporting
We appreciate responsible disclosure: Email: contact@kallina.info (subject: "Security") Response within 24 hours
88. Contact
MEGA PROMOTING S.R.L. IDNO: 1019600021765 Email: contact@kallina.info Phone: +373 61 066 888