Your Data is Safe With Us

Security at ResQ

At ResQ, security isn't an afterthought — it's built into everything we do. We protect the data of millions of users and emergency service providers with industry-leading security practices. Your trust is our most valuable asset.

1. Data Encryption

All data transmitted between your device and ResQ servers is protected using TLS 1.3 (Transport Layer Security) — the same encryption standard used by banks and financial institutions. Data stored on our servers is encrypted using AES-256, one of the strongest encryption algorithms available.

• In-Transit Encryption: TLS 1.3 for all network communications
• At-Rest Encryption: AES-256 for stored data
• Database Encryption: Encrypted volumes with key management
• Backup Encryption: All backups are encrypted before storage

2. Authentication & Access Control

We implement multiple layers of authentication to ensure only authorized users access your data:

• Multi-Factor Authentication (MFA) for all accounts
• Biometric authentication supported on mobile devices
• Role-based access control (RBAC) for emergency services
• Automatic session timeout after inactivity
• Suspicious activity detection and alerting

3. Infrastructure Security

Our infrastructure is built on secure, compliant cloud providers with multiple layers of protection:

• 24/7 security monitoring and intrusion detection
• Distributed Denial of Service (DDoS) protection
• Regular vulnerability assessments and penetration testing
• Automated security patches and updates
• Geographically redundant data centers

4. Privacy by Design

ResQ follows "Privacy by Design" principles — privacy is integrated into our products from the ground up, not added as an afterthought.

• Location Privacy: We only access location during SOS — never background tracking
• Data Minimization: We collect only what's necessary for emergency response
• Purpose Limitation: Data used only for specified purposes
• Storage Limitation: Data retained only as long as necessary

5. Compliance & Certifications

ResQ is committed to meeting global security and privacy standards:

• GDPR - General Data Protection Regulation (EU)
• IT Act 2000 - Information Technology Act (India)
• DPDP Act 2023 - Digital Personal Data Protection Act (India)
• ISO 27001 - Information Security Management (In Progress)
• HIPAA - Health Information Privacy (Healthcare partners)

6. Incident Response Plan

We have a dedicated Security Incident Response Team (SIRT) available 24/7 to respond to any security events. Our incident response plan includes:

• Immediate containment and investigation
• User notification within 72 hours (if required)
• Root cause analysis and remediation
• Regulatory reporting as required by law
• Post-incident review and improvements

7. Third-Party Security

We carefully vet all third-party vendors and partners for security compliance:

• All vendors undergo security assessment before engagement
• Data Processing Agreements (DPAs) signed with all vendors
• Regular security reviews of vendor practices
• Vendors must comply with our security standards

8. Security Best Practices for Users

You can help keep your account secure by following these best practices:

• Use a strong, unique password for your ResQ account
• Enable Multi-Factor Authentication (MFA)
• Keep your app updated to the latest version
• Never share your OTP or verification codes
• Report suspicious activity immediately
• Log out from shared devices

9. Responsible Disclosure

If you discover a security vulnerability in ResQ, please report it to us responsibly. We appreciate the security community's help in keeping ResQ safe.

Report vulnerabilities to: security@resq.tech

We will acknowledge receipt within 48 hours and work to resolve the issue as quickly as possible. We do not offer bug bounties at this time but sincerely thank all researchers who help improve our security.

10. Contact Security Team

For security-related inquiries or to report an incident:

• Email: security@resq.tech
• Phone: +91 8602334842
• 24/7 Security Hotline: +91 1800-XXX-XXXX