Update Date: [●]

At Searover Robotik ve Yazılım Anonim Şirketi (Werover), we prioritize the security and integrity of the data handled within our Windrover IoT Platform and related SaaS applications. This Security Policy outlines the technical and administrative measures we implement to protect our platform and the data it hosts.

1. Information Security Framework

Werover is committed to maintaining a robust information security management system aligned with industry best practices and standards. Our framework is designed to preserve the confidentiality, integrity, and availability of all platform-related information.

2. Access Control and Authentication

  • Role-Based Access Control (RBAC): We implement strict role-based access mechanisms ensuring that Users only have access to information and features necessary for their respective roles.
  • Authentication: All Users must authenticate themselves through secure credentials. We employ encrypted credential storage and encourage the use of strong password policies.
  • Session Management: Our platform utilizes secure session tokens that expire after periods of inactivity, preventing unauthorized access on unattended devices.

3. Data Protection

  • Encryption in Transit: All communications between the User's device and Werover's servers are encrypted using modern TLS (Transport Layer Security) protocols.
  • Encryption at Rest: Sensitive data, including passwords and personal information, are stored using advanced encryption algorithms.
  • Data Isolation: Customer data is logically isolated within our multi-tenant SaaS environment, ensuring that a Customer's data cannot be accessed by other Customers.

4. Infrastructure Security

  • Cloud Security: Our platform is hosted on leading, highly secure cloud infrastructure providers that comply with stringent international compliance standards (such as ISO 27001).
  • Vulnerability Management: We perform regular vulnerability scans, penetration testing, and security assessments to identify and remediate potential security flaws.
  • Network Security: Our infrastructure is safeguarded by firewalls, intrusion detection systems (IDS), and DDoS mitigation technologies to block malicious traffic.

5. Monitoring and Incident Response

  • Continuous Monitoring: We employ automated monitoring systems to detect suspicious activities or anomalies in real-time.
  • Incident Response Plan: Werover maintains a comprehensive incident response plan to promptly address and mitigate any security breaches. Users and Customers will be notified without undue delay in the event of a significant security incident affecting their data.

6. Development Security

  • Secure Development Lifecycle (SDLC): Security is integrated into every phase of our software development process. We conduct regular code reviews and utilize static/dynamic application security testing.

7. Compliance and Audits

Werover continually monitors and adheres to applicable legal requirements, including the Personal Data Protection Law (KVKK). We are committed to conducting periodic internal audits to ensure ongoing compliance with our security policies.

Live Demo