1. Our approach
Defense-in-depth: TLS encryption, network segmentation, hardened cloud infrastructure, least-privilege access, and monitoring.

2. Payments
Card data handled by PCI-DSS compliant Processors (Stripe, Paystack, PayPal). Maltibase does not store full PAN data.

3. Account security
Use strong passwords; enable device security; beware of phishing. We will never ask for your password or full card details via email.

4. Vulnerability reporting
Report security concerns to hello@maltibase.com with the subject “Security.”

5. Incident response
If a breach affects your data, we will notify you and regulators as required by law.