Security, privacy, and compliance aren't things we bolt on at the end. They're how we operate from day one of every engagement.
As a Data Fiduciary operating in India, Axiom Infinity is fully compliant with the Digital Personal Data Protection Act 2023 read with the DPDP Rules 2025. We process personal data only with explicit, specific consent and only for the purposes stated at the time of collection.
Our appointed Grievance Officer responds to all privacy inquiries with a 48-hour acknowledgment and 15-day resolution SLA. Data Principals may exercise their rights at any time by emailing privacy@axiominfinity.net.
All communications encrypted with TLS 1.3 minimum. HSTS preload registered. CAA DNS records restrict certificate issuance.
Internal services not exposed to the public internet. mTLS between services. Employee access via hardware FIDO2 keys.
Cloudflare WAF with OWASP CRS paranoia level 2. Bot Fight Mode enabled. Rate limiting on all public APIs.
72-hour breach notification to regulators and affected parties. Incident Response Retainer with pre-defined escalation paths.
Continuous vulnerability scanning. External penetration test annually. Critical patches applied within 48 hours of disclosure.
All sub-processors assessed before engagement. Signed DPAs in place. Annual security questionnaire reviews.
Our security team responds to all enquiries within 24 hours.
Email security@axiominfinity.net →