Security

At Centuria Solutions, security is fundamental to everything we build. We implement industry-leading security practices to protect your data and our systems. Our security approach is guided by the principle of defense in depth — multiple layers of protection working together to secure your information.

Infrastructure Security • All data is encrypted in transit (TLS 1.3) and at rest (AES-256) • Servers hosted in ISO 27001 certified data centers • Regular penetration testing and security audits • Automated vulnerability scanning Application Security • OWASP Top 10 vulnerability prevention • Input validation and output encoding • Secure session management • Regular dependency updates and patch management Access Control • Multi-factor authentication for all admin accounts • Principle of least privilege for system access • Comprehensive audit logging • Regular access reviews

We maintain 24/7 security monitoring across all our systems: • Real-time intrusion detection and prevention • Automated anomaly detection • Security event logging and alerting • Regular backup and disaster recovery testing Our security team reviews all alerts and responds to incidents according to our established incident response procedures.

In the event of a security incident: 1. Detection — Automated systems and manual monitoring detect potential incidents 2. Assessment — Security team assesses the scope and impact within 1 hour 3. Containment — Immediate steps taken to limit any damage 4. Notification — Affected users notified within 72 hours as required by GDPR 5. Recovery — Systems restored and vulnerabilities remediated 6. Review — Post-incident review to prevent recurrence All incidents are documented and reviewed by our security team.

We take security vulnerabilities seriously. If you discover a security issue: Please report it responsibly by: • Email: security@centuria.solutions • Include a detailed description of the vulnerability • Provide steps to reproduce (if applicable) • Allow us time to investigate and fix before public disclosure We commit to: • Acknowledge receipt within 24 hours • Provide regular updates on our progress • Credit researchers who report valid vulnerabilities (with permission) • Not pursue legal action for good-faith security research

Security is a shared responsibility. You can help: • Use strong, unique passwords for your accounts • Enable two-factor authentication when available • Keep your devices and browsers updated • Be cautious of phishing attempts • Report suspicious activity immediately to security@centuria.solutions

For security-related inquiries: Security Email: security@centuria.solutions General Contact: contact@centuria.solutions For non-urgent security questions, you may also reach us at: Address: Centuria Solutions, Dobrosloveni, România