Security Policy
Last Updated: October 2025
1. Purpose of This Policy
This Security Policy defines Winadda’s commitment to safeguarding data integrity, confidentiality, and availability across all systems and networks.
We implement multi-layered security frameworks designed to protect user data, digital assets, and service infrastructure from unauthorized access, alteration, disclosure, or destruction.
Our security controls comply with global standards, including:
ISO/IEC 27001 Information Security Management
GDPR Article 32 (Security of Processing)
NIST Cybersecurity Framework (US)
UK Data Protection Act 2018
Indian IT Act (2000) and Rules 2011
2. Scope and Applicability
This policy applies to:
All Winadda systems, servers, and databases.
Employees, contractors, and affiliates with data access.
Third-party processors managing infrastructure or analytics.
All users accessing Winadda web services worldwide.
3. Information Security Principles
Winadda follows four core principles:
Confidentiality — Protecting information from unauthorized disclosure.
Integrity — Ensuring data remains accurate and complete.
Availability — Maintaining access for authorized users when required.
Accountability — Documenting and auditing all security activities for compliance.
4. Technical Safeguards
To ensure data protection, Winadda deploys:
256-bit SSL/TLS Encryption for all data transfers.
Firewall Protection and real-time intrusion detection (IDS/IPS).
Multi-factor authentication (MFA) for admin access.
Secure VPN gateways for remote connections.
Automated malware and phishing detection systems.
Database encryption at rest and in transit.
Regular security patch management and system updates.
All servers are hosted on compliant infrastructure providers (AWS, Google Cloud, etc.) with independent security certifications.
5. Organizational Controls
Security is a shared responsibility within Winadda.
We maintain:
A dedicated Information Security Team overseeing risk management.
Defined access control policies based on the least-privilege principle.
Employee training on phishing awareness and data handling.
Confidentiality agreements (NDAs) for all staff and vendors.
Periodic internal and external security audits.
6. Data Security & Storage
All data collected by Winadda is stored in encrypted databases using industry-standard algorithms (AES-256 or higher).
Access is restricted via role-based authentication and logged for audit purposes.
Data backups are performed daily and stored in geo-redundant locations to ensure disaster recovery capabilities.
7. Physical and Environmental Security
Hosting providers used by Winadda maintain Tier-III or higher data centers with:
24 × 7 surveillance and biometric access controls.
Fire suppression and power redundancy systems.
Controlled entry for authorized personnel only.
These facilities undergo annual SOC 2 and ISO 27001 audits.
8. Incident Response and Reporting
Winadda follows a formal Incident Response Plan (IRP) to handle security events efficiently.
In the event of a breach or suspected intrusion:
The incident is immediately reported to the Security Team.
Containment and forensic analysis are performed within hours.
Affected systems are isolated and remediated.
Users and regulators are notified within 72 hours, as required by GDPR.
A detailed post-incident review is conducted to prevent recurrence.
9. Third-Party and Vendor Management
All third-party vendors handling data for Winadda must adhere to our security standards and sign Data Processing Agreements (DPAs).
Vendors are evaluated for:
Compliance with GDPR/CCPA/ISO requirements.
Encryption and storage standards.
Security audits and certifications.
Non-compliant vendors are immediately removed from our supply chain.
10. Risk Assessment and Auditing
Winadda conducts comprehensive risk assessments quarterly to identify vulnerabilities and implement mitigation plans.
We engage external cybersecurity firms annually to perform:
Penetration tests and ethical hacking simulations.
Policy gap analysis and compliance reviews.
System configuration audits.
Audit results are documented and reviewed by the Security Council.
11. User Responsibilities
Users can help maintain security by:
Keeping devices and browsers up to date.
Avoiding suspicious links or phishing emails claiming to represent Winadda.
Not sharing login details or personal information with unauthorized sources.
Reporting any suspicious activity to support@winadda.com immediately.
12. Data Retention and Disposal
Data is retained only for the duration necessary to fulfil its purpose or as required by law.
Upon expiry, information is permanently deleted using secure wiping and cryptographic erasure methods.
All disposal activities are logged and audited for compliance verification.
13. Continuous Improvement
Security at Winadda is not a one-time process — it is a continuous commitment.
We regularly update this policy and our infrastructure based on emerging threats, technology changes, and regulatory updates.
Feedback from security audits and user reports is used to strengthen our framework.
14. Contact and Escalation
If you suspect a security breach or have a cybersecurity concern, contact us at:
📧 support@winadda.com
💬 WhatsApp: https://wa.link/winra
📍 Response Time: Within 24–72 hours (depending on severity).
15. Jurisdiction and Compliance
This Security Policy is governed by international cybersecurity principles and administered under the laws of the Republic of India for operational purposes.
Disputes shall be settled through confidential arbitration in accordance with UNCITRAL Model Law or regional legal standards where applicable.