Security

1. Our Security Commitment

Security is a top priority at HAI UAE. We implement comprehensive security measures to protect your personal information, account data, and transactions from unauthorized access, disclosure, or misuse.

2. Technical Security Measures

2.1 Encryption

• SSL/TLS Encryption: All data transmitted between your browser and our servers is encrypted using industry-standard SSL/TLS protocols
• HTTPS: Our website uses HTTPS to ensure secure connections
• Password Encryption: Passwords are encrypted using bcrypt hashing with salt
• Data at Rest: Sensitive data is encrypted when stored in our database

2.2 Firewalls and Intrusion Detection

• Web Application Firewalls (WAF) protect against common attacks
• Intrusion Detection Systems monitor for unauthorized access attempts
• DDoS protection safeguards against denial-of-service attacks

2.3 Server Security

• Regular security patching and updates
• Principle of least privilege for user access
• Secure server configuration and hardening
• Regular vulnerability scanning and penetration testing

3. Account Security

3.1 Password Security

• Strong password requirements (minimum complexity)
• Password reset functionality with verification
• Two-factor authentication (2FA) available
• Session timeouts for added security

3.2 Access Control

• Role-based access control (RBAC)
• Failed login attempt monitoring and lockout
• Session management and token validation
• CSRF (Cross-Site Request Forgery) token protection

4. Data Protection Practices

• Regular backups of all critical data
• Secure data disposal procedures
• Access logs and audit trails maintained
• Data minimization - we collect only necessary information
• Third-party vendor security vetting

5. Employee Security

• Mandatory security training for all staff
• Background checks for employees with data access
• Non-disclosure agreements (NDAs) required
• Limited access to sensitive data on need-to-know basis

6. Payment Security

• PCI DSS compliance for payment processing
• Tokenization of payment information
• Third-party payment processors certified for security
• No storage of full credit card numbers

7. Incident Response

In case of a security breach, we will:

• Investigate the incident immediately
• Notify affected users as required by law
• Take corrective measures
• Cooperate with law enforcement as needed
• Document and learn from incidents

8. Your Security Responsibilities

• Choose a strong, unique password
• Never share your login credentials
• Log out when finished, especially on shared devices
• Keep your browser updated
• Report suspicious activity immediately

9. Reporting Security Issues

If you discover a security vulnerability, please report it responsibly to: hello@haiuae.com

10. Regular Security Audits

• Annual third-party security audits
• Regular vulnerability assessments
• Penetration testing by certified professionals
• Continuous monitoring and threat detection

11. Contact Security Team

For security-related questions or concerns: hello@haiuae.com