Security Practices

Our Approach

We prioritize protecting user data and maintaining secure systems. Security is embedded into our development lifecycle and operational practices to ensure reliability and trust.

Measures

• End-to-end HTTPS encryption for all data in transit
• Password hashing and salted storage using industry-standard algorithms
• Role-based access control to limit access based on responsibilities
• Regular security audits, vulnerability scanning, and patching
• Multi-factor authentication (MFA) for administrative accounts
• Secure API practices with rate limiting and authentication
• Data backup and recovery procedures to prevent data loss
• Monitoring and logging of critical system events for early detection

User Responsibilities

• Use strong, unique passwords and change them regularly
• Enable two-factor authentication (2FA) where possible
• Report suspicious activity or potential security issues promptly
• Keep your devices and browsers updated with the latest security patches

Incident Response

In the event of a security incident:

• Our Security Operations Team investigates and mitigates the issue immediately
• Users affected will be notified promptly with guidance on next steps
• We perform root-cause analysis and implement safeguards to prevent recurrence

Data Privacy

We comply with relevant data protection laws and regulations:

• Only collect data necessary for providing services
• Data is stored securely and access is restricted
• Users have rights to access, correct, or delete personal data

Contact

For security concerns, email team@letretro.com. We take all reports seriously and respond as quickly as possible.