Privacy & Security - NegroMart Corporate

Security Practices

Built to Protect

Last Updated: November 13, 2025

1. Our Security Commitment

At NEGROMART, security is not an afterthought — it's the foundation of everything we do. We implement industry-leading security practices to protect your data, transactions, and trust.

Our security program is continuously monitored, regularly audited, and designed to meet PCI DSS, ISO 27001, and GDPR standards.

100% of transactions are encrypted. Zero tolerance for breaches.

2. Encryption Standards

In Transit

  • TLS 1.3 (256-bit)
  • HSTS enforced
  • Perfect Forward Secrecy

At Rest

  • AES-256 encryption
  • Keys managed via AWS KMS
  • Tokenized payments

3. Secure Infrastructure

AWS Cloud Hosting

Redundant, geo-distributed

WAF & DDoS Protection

Cloudflare Enterprise

Mobile App Hardening

Code obfuscation & root detection

4. Access Controls

  • Multi-Factor Authentication (MFA) required for all staff
  • Role-Based Access Control (RBAC) with least privilege
  • Session monitoring and automatic logouts

5. Real-Time Monitoring

24/7 SOC with AI-powered anomaly detection

Fraud detection blocks 99.9% of suspicious transactions

6. Compliance & Audits

PCI DSS Level 1ISO 27001 CertifiedGDPR Compliant

Annual third-party penetration testing

Quarterly vulnerability scans

Regular employee security training

7. Incident Response

In the unlikely event of a security incident:

  1. Immediate containment and investigation
  2. Notification within 72 hours (if required)
  3. Full transparency and support
  4. Post-incident review and improvements

8. Report a Vulnerability

Found a security issue? We want to know.

Email

security@negromart.com

Bug Bounty

Rewards up to ₵50,000