Security

Last updated: January 23, 2025

Our Commitment to Security

At GreaseIQ, we understand that your business data is critical to your operations. We've implemented enterprise-grade security measures to protect your information and ensure the integrity of our platform. Security is not just a feature—it's fundamental to everything we do.

This document outlines our comprehensive approach to security, including technical safeguards, operational procedures, and compliance measures that protect your grease trap business data.

Data Encryption

Encryption in Transit

All data transmitted between your devices and our servers is protected using industry-standard encryption:

  • TLS 1.3 for all web and API connections
  • Forward secrecy: TLS 1.3 negotiates a fresh ephemeral key for every session, so a later compromise of a server's long-term private key cannot be used to decrypt previously recorded traffic
  • Certificate pinning in the mobile applications, so a certificate from a mis-issuing or compromised CA is not accepted even if the device trusts that CA
  • Encrypted connections for all third-party integrations

Encryption at Rest

Your data is encrypted when stored on our servers and backup systems:

  • AES-256 encryption for all stored data
  • Encrypted database storage with key rotation
  • Encrypted file storage for documents and images
  • Encrypted backups with separate key management
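
How encrypted storage, key rotation and separate key management fit together, as an added illustration written for this page (not GreaseIQ's implementation; the record layout, the KeyRing type and the function names are assumptions): every record is sealed under its own random data key, and rotating the key-encryption key only rewraps those small data keys, never the stored ciphertext.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

// Envelope encryption with a rotating key-encryption key (KEK): each record is sealed
// under its own random data key (DEK), stored beside it wrapped under the current KEK.
// Rotation rewraps the 32-byte DEKs; bulk ciphertext is untouched. Not GreaseIQ code.

type EncryptedRecord struct {
	KEKVersion int    // KEK that wrapped the DEK
	WrappedDEK []byte // nonce || AES-256-GCM(KEK, DEK)
	Ciphertext []byte // nonce || AES-256-GCM(DEK, plaintext)
}

// KeyRing holds every KEK version still allowed to unwrap DEKs (a KMS/HSM in production).
type KeyRing struct {
	Current int
	KEKs    map[int][]byte
}

func randomBytes(n int) []byte {
	b := make([]byte, n)
	if _, err := rand.Read(b); err != nil {
		panic(err) // a failing system CSPRNG is not recoverable
	}
	return b
}

func aead(key []byte) cipher.AEAD {
	block, err := aes.NewCipher(key) // a 32-byte key selects AES-256
	if err != nil {
		panic(err) // wrong key length is a programming error
	}
	g, _ := cipher.NewGCM(block) // cannot fail for an AES block
	return g
}

func seal(key, plaintext, aad []byte) []byte {
	g := aead(key)
	nonce := randomBytes(g.NonceSize()) // fresh random nonce per message
	return g.Seal(nonce, nonce, plaintext, aad)
}

func open(key, data, aad []byte) ([]byte, error) {
	g := aead(key)
	if n := g.NonceSize(); len(data) >= n {
		return g.Open(nil, data[:n], data[n:], aad) // fails on any modification
	}
	return nil, fmt.Errorf("ciphertext too short")
}

func (kr *KeyRing) RotateKEK() {
	kr.Current++
	kr.KEKs[kr.Current] = randomBytes(32)
}

// Encrypt seals plaintext under a fresh DEK; recordID is bound as associated
// data so a ciphertext cannot be moved onto another record undetected.
func (kr *KeyRing) Encrypt(recordID string, plaintext []byte) *EncryptedRecord {
	dek := randomBytes(32)
	return &EncryptedRecord{
		KEKVersion: kr.Current,
		WrappedDEK: seal(kr.KEKs[kr.Current], dek, []byte(recordID)),
		Ciphertext: seal(dek, plaintext, []byte(recordID)),
	}
}

// unwrap fails once the wrapping KEK is gone from the ring: Rewrap everything before retiring a version.
func (kr *KeyRing) unwrap(recordID string, rec *EncryptedRecord) ([]byte, error) {
	kek, ok := kr.KEKs[rec.KEKVersion]
	if !ok {
		return nil, fmt.Errorf("KEK version %d has been retired", rec.KEKVersion)
	}
	return open(kek, rec.WrappedDEK, []byte(recordID))
}

func (kr *KeyRing) Decrypt(recordID string, rec *EncryptedRecord) ([]byte, error) {
	dek, err := kr.unwrap(recordID, rec)
	if err != nil {
		return nil, err
	}
	return open(dek, rec.Ciphertext, []byte(recordID))
}

// Rewrap moves a record to the current KEK without touching its Ciphertext.
func (kr *KeyRing) Rewrap(recordID string, rec *EncryptedRecord) error {
	dek, err := kr.unwrap(recordID, rec)
	if err != nil {
		return err
	}
	rec.WrappedDEK = seal(kr.KEKs[kr.Current], dek, []byte(recordID))
	rec.KEKVersion = kr.Current
	return nil
}
```

A rotation job calls RotateKEK, rewraps every stored record to the new version, and only then deletes the old KEK from the ring; any record the job missed becomes unreadable, which is the failure mode separate key management for backups has to account for. Binding the record ID as associated data also means a backup restored into the wrong record slot is rejected rather than silently decrypted.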

Access Controls

Multi-Factor Authentication

We require multi-factor authentication (MFA) for enhanced account security:

  • SMS-based verification codes (the weakest of these options, since codes can be intercepted through SIM swapping; prefer an authenticator app or hardware key where you can)
  • Authenticator app support (time-based one-time passwords, e.g. Google Authenticator, Authy)
  • Hardware security key compatibility
  • Recovery codes for regaining access if your second factor is lost (store them offline; each one stands in for your second factor)
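
How an authenticator-app code is checked on the server, and how recovery codes are stored so that each one works exactly once, as an added example (not GreaseIQ's code; the TOTPVerifier and RecoveryCodes types are assumptions, and the secret and codes used in the checks are the RFC 4226/6238 test vectors):

```go
package main

import (
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha1"
	"crypto/sha256"
	"encoding/binary"
	"encoding/hex"
	"fmt"
	"strings"
	"time"
)

// Server-side verification of authenticator-app codes (RFC 6238 TOTP over RFC 4226
// HOTP) plus single-use recovery codes. Illustrative, not GreaseIQ's implementation.

// hotp computes an RFC 4226 code: HMAC-SHA-1 over the big-endian counter, then
// dynamic truncation to `digits` decimal digits.
func hotp(secret []byte, counter uint64, digits int) string {
	mac := hmac.New(sha1.New, secret)
	var msg [8]byte
	binary.BigEndian.PutUint64(msg[:], counter)
	mac.Write(msg[:])
	sum := mac.Sum(nil)
	offset := sum[len(sum)-1] & 0x0f
	code := binary.BigEndian.Uint32(sum[offset:offset+4]) & 0x7fffffff
	mod := uint32(1)
	for i := 0; i < digits; i++ {
		mod *= 10
	}
	return fmt.Sprintf("%0*d", digits, code%mod)
}

// TOTPVerifier checks 30-second time-step codes and remembers the highest step it has
// accepted, so a code captured by phishing cannot be replayed even inside the skew window.
type TOTPVerifier struct {
	Secret   []byte
	Digits   int
	Step     int64 // seconds per time step
	Skew     int64 // steps of clock drift tolerated on either side
	lastUsed int64
}

func NewTOTPVerifier(secret []byte) *TOTPVerifier {
	return &TOTPVerifier{Secret: secret, Digits: 6, Step: 30, Skew: 1, lastUsed: -1}
}

// Verify accepts code at most once; the comparison is constant-time so response
// timing does not leak how many leading digits were right.
func (v *TOTPVerifier) Verify(code string, now time.Time) bool {
	counter := now.Unix() / v.Step
	for d := -v.Skew; d <= v.Skew; d++ {
		c := counter + d
		if c <= v.lastUsed {
			continue // this step was already consumed
		}
		if hmac.Equal([]byte(hotp(v.Secret, uint64(c), v.Digits)), []byte(code)) {
			v.lastUsed = c
			return true
		}
	}
	return false
}

// RecoveryCodes stores only SHA-256 digests. Plain hashing is enough because each code
// has 40 bits of CSPRNG entropy; user-chosen secrets would need bcrypt or Argon2 instead.
type RecoveryCodes struct {
	unused map[[32]byte]bool
}

// NewRecoveryCodes returns the store and the plaintext codes, shown to the user once.
func NewRecoveryCodes(n int) (*RecoveryCodes, []string, error) {
	rc := &RecoveryCodes{unused: map[[32]byte]bool{}}
	codes := make([]string, 0, n)
	for i := 0; i < n; i++ {
		raw := make([]byte, 5)
		if _, err := rand.Read(raw); err != nil {
			return nil, nil, err
		}
		code := hex.EncodeToString(raw)
		rc.unused[sha256.Sum256([]byte(code))] = true
		codes = append(codes, code)
	}
	return rc, codes, nil
}

// Redeem consumes a code; a second use of the same code is rejected.
func (rc *RecoveryCodes) Redeem(code string) bool {
	h := sha256.Sum256([]byte(strings.ToLower(strings.TrimSpace(code))))
	if !rc.unused[h] {
		return false
	}
	delete(rc.unused, h)
	return true
}

func (rc *RecoveryCodes) Remaining() int { return len(rc.unused) }
```

The replay guard (lastUsed) is what makes "the code changes every 30 seconds" actually mean something: without it, a code phished a few seconds ago remains valid for the rest of its step plus the skew window.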

Role-Based Access Control

Our platform implements granular permission controls:

  • Customizable user roles (Admin, Manager, Driver, Viewer)
  • Feature-specific permissions
  • Location-based access restrictions
  • Time-based access controls
  • Audit logs for all access and permission changes
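
A deny-by-default authorizer covering the four roles above with feature permissions, per-location scoping, time windows and an audit trail, added here as an illustration of how those controls compose; it is not GreaseIQ's model, and the permission names (manage_users, edit_invoices, and so on) are assumptions.

```go
package main

import (
	"fmt"
	"time"
)

// Deny-by-default authorizer for the role model named on this page (Admin,
// Manager, Driver, Viewer) with feature permissions, per-location scoping,
// time-of-day windows and an audit trail of every decision and role change.
// The permission names and structure are assumptions, not GreaseIQ's model.

type Role string

const (
	Admin   Role = "admin"
	Manager Role = "manager"
	Driver  Role = "driver"
	Viewer  Role = "viewer"
)

// rolePermissions lists the (hypothetical) features each role may use.
var rolePermissions = map[Role]map[string]bool{
	Admin:   {"manage_users": true, "edit_invoices": true, "view_invoices": true, "log_service": true, "view_routes": true},
	Manager: {"edit_invoices": true, "view_invoices": true, "log_service": true, "view_routes": true},
	Driver:  {"log_service": true, "view_routes": true},
	Viewer:  {"view_invoices": true, "view_routes": true},
}

// TimeWindow allows access only during [Start, End) hours of the day in Loc.
type TimeWindow struct {
	Start, End int
	Loc        *time.Location
}

type User struct {
	Name      string
	Role      Role
	Locations map[string]bool // nil = every service location; otherwise only these
	Window    *TimeWindow     // nil = any time
}

type AuditEntry struct {
	At      time.Time
	Actor   string
	Action  string
	Target  string // location acted on, or the user whose role changed
	Allowed bool
	Reason  string
}

type Authorizer struct{ Log []AuditEntry }

// check returns "" when u may perform action at location now, else the reason.
func check(u User, action, location string, now time.Time) string {
	if !rolePermissions[u.Role][action] {
		return fmt.Sprintf("role %q lacks permission %q", u.Role, action)
	}
	if u.Locations != nil && !u.Locations[location] {
		return fmt.Sprintf("not assigned to location %q", location)
	}
	if w := u.Window; w != nil {
		loc := w.Loc
		if loc == nil {
			loc = time.UTC
		}
		if h := now.In(loc).Hour(); h < w.Start || h >= w.End {
			return fmt.Sprintf("outside access window %02d:00-%02d:00", w.Start, w.End)
		}
	}
	return ""
}

func (a *Authorizer) record(at time.Time, actor, action, target string, allowed bool, reason string) {
	a.Log = append(a.Log, AuditEntry{at, actor, action, target, allowed, reason})
}

// Authorize decides and logs every access attempt, allowed or denied.
func (a *Authorizer) Authorize(u User, action, location string, now time.Time) (bool, string) {
	reason := check(u, action, location, now)
	a.record(now, u.Name, action, location, reason == "", reason)
	return reason == "", reason
}

// ChangeRole is a permission change. It needs manage_users on an actor whose
// scope is account-wide ("account" is the pseudo-location for such actions),
// and it is logged whether or not it succeeds.
func (a *Authorizer) ChangeRole(actor User, target *User, newRole Role, now time.Time) bool {
	if denial := check(actor, "manage_users", "account", now); denial != "" {
		a.record(now, actor.Name, "change_role", target.Name, false, denial)
		return false
	}
	a.record(now, actor.Name, "change_role", target.Name, true, fmt.Sprintf("%s -> %s", target.Role, newRole))
	target.Role = newRole
	return true
}
```

Two details carry most of the security value: denied attempts are logged with the same structure as allowed ones, so a driver probing for invoice access shows up in the same place as a successful edit, and the check order (permission, then location, then time) means the reason string never reveals whether a location exists to a role that could not act on it anyway.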

Infrastructure Security

Cloud Security

Our infrastructure is built on secure, enterprise-grade cloud platforms:

  • Cloud providers with SOC 2 Type II attestation reports
  • Geographically distributed data centers
  • Automated security monitoring and threat detection
  • Regular security patches and updates
  • Network segmentation and firewalls

Application Security

  • Secure coding practices and code reviews
  • Regular vulnerability assessments and penetration testing
  • Automated security scanning in the development pipeline
  • Web Application Firewall (WAF) protection
  • DDoS protection and rate limiting

Data Protection

Backup and Recovery

We maintain comprehensive backup and disaster recovery procedures:

  • Automated daily backups with encryption
  • Geographically distributed backup storage
  • Point-in-time recovery capabilities
  • Regular backup integrity testing
  • Documented disaster recovery procedures

Data Isolation

  • Logical data separation between customer accounts
  • Database-level isolation and access controls
  • Secure data deletion procedures
  • Data residency controls for compliance requirements

Monitoring and Incident Response

Security Monitoring

We maintain 24/7 security monitoring and alerting:

  • Real-time threat detection and analysis
  • Automated security incident alerts
  • Comprehensive audit logging
  • Behavioral analysis and anomaly detection
  • Security information and event management (SIEM)
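
What behavioral analysis over audit logs looks like in practice, as an added example (not GreaseIQ's detection content): two rules run over constructed login events, a burst of failed logins for one account followed by a successful login from an address that account has never used, which together are a common account-takeover signature. The log format, field names, thresholds and sample lines are all assumptions made for this example.

```go
package main

import (
	"encoding/json"
	"strings"
	"time"
)

// Two authentication detections of the kind a SIEM or anomaly engine runs over an
// audit log: a burst of failed logins for one account, then a successful login from
// an address that account has never used. Format and thresholds are assumptions.

type AuthEvent struct {
	Time    time.Time `json:"time"`
	User    string    `json:"user"`
	Action  string    `json:"action"`
	Outcome string    `json:"outcome"` // "success" or "failure"
	IP      string    `json:"ip"`
}

type Alert struct {
	Rule, User, IP string
	At             time.Time
}

// Detector keeps per-user state: failure times inside a sliding window, when the
// last burst fired, and every source IP seen on a successful login.
type Detector struct {
	Threshold int           // failures within Window that count as a burst
	Window    time.Duration
	failures  map[string][]time.Time
	burstAt   map[string]time.Time
	knownIPs  map[string]map[string]bool
}

func NewDetector(threshold int, window time.Duration) *Detector {
	return &Detector{threshold, window, map[string][]time.Time{}, map[string]time.Time{}, map[string]map[string]bool{}}
}

// Process consumes one event in time order and returns the alert it raises, if any.
func (d *Detector) Process(e AuthEvent) *Alert {
	if e.Action != "login" {
		return nil
	}
	switch e.Outcome {
	case "failure":
		kept := d.failures[e.User][:0] // drop failures older than Window
		for _, ts := range d.failures[e.User] {
			if e.Time.Sub(ts) <= d.Window {
				kept = append(kept, ts)
			}
		}
		d.failures[e.User] = append(kept, e.Time)
		if len(d.failures[e.User]) == d.Threshold { // fire once, as the threshold is crossed
			d.burstAt[e.User] = e.Time
			return &Alert{"failed-login-burst", e.User, e.IP, e.Time}
		}
	case "success":
		newIP := !d.knownIPs[e.User][e.IP] // reading a nil inner map yields false
		if d.knownIPs[e.User] == nil {
			d.knownIPs[e.User] = map[string]bool{}
		}
		d.knownIPs[e.User][e.IP] = true
		if burst, ok := d.burstAt[e.User]; ok && newIP && e.Time.Sub(burst) <= d.Window {
			delete(d.burstAt, e.User) // one alert per burst
			return &Alert{"new-ip-login-after-burst", e.User, e.IP, e.Time}
		}
	}
	return nil
}

// Detect runs the detector over JSON-lines input and returns alerts in order.
func (d *Detector) Detect(logLines string) ([]Alert, error) {
	var alerts []Alert
	for _, line := range strings.Split(logLines, "\n") {
		if line = strings.TrimSpace(line); line == "" {
			continue
		}
		var e AuthEvent
		if err := json.Unmarshal([]byte(line), &e); err != nil {
			return alerts, err
		}
		if a := d.Process(e); a != nil {
			alerts = append(alerts, *a)
		}
	}
	return alerts, nil
}

// SampleLog is constructed for this example. driver7 normally logs in from
// 198.51.100.77; three password guesses arrive from 203.0.113.9, then a login
// from that never-before-seen address succeeds. manager2 is a normal login.
const SampleLog = `
{"time":"2025-01-22T07:55:00Z","user":"driver7","action":"login","outcome":"success","ip":"198.51.100.77"}
{"time":"2025-01-23T08:00:01Z","user":"driver7","action":"login","outcome":"failure","ip":"203.0.113.9"}
{"time":"2025-01-23T08:00:07Z","user":"manager2","action":"login","outcome":"success","ip":"198.51.100.20"}
{"time":"2025-01-23T08:00:12Z","user":"driver7","action":"login","outcome":"failure","ip":"203.0.113.9"}
{"time":"2025-01-23T08:00:21Z","user":"driver7","action":"login","outcome":"failure","ip":"203.0.113.9"}
{"time":"2025-01-23T08:01:05Z","user":"driver7","action":"login","outcome":"success","ip":"203.0.113.9"}
`
```

Run with NewDetector(3, 10*time.Minute) the sample produces two alerts for driver7 and none for manager2. The second rule is the one worth having: a burst alone is noise on any internet-facing login page, but a burst that ends in a success from an unfamiliar address is the point at which an analyst should be paged and the session revoked.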

Incident Response

Our incident response procedures are designed so that security events are handled quickly and consistently:

  • Dedicated security incident response team
  • Documented incident response procedures
  • Customer notification protocols
  • Post-incident analysis and improvement
  • Coordination with law enforcement when necessary

Compliance and Certifications

Industry Standards

We adhere to recognized security frameworks and standards:

  • SOC 2 Type II compliance
  • ISO 27001 information security management standards
  • NIST Cybersecurity Framework alignment
  • OWASP security best practices

Regulatory Compliance

  • GDPR compliance for European data protection
  • CCPA compliance for California privacy rights
  • HIPAA-ready security controls
  • State and federal waste management regulations

Employee Security

Background Checks and Training

All GreaseIQ employees undergo comprehensive security screening:

  • Background checks for all employees
  • Regular security awareness training
  • Confidentiality and security agreements
  • Ongoing security education and updates

Access Management

  • Principle of least privilege access
  • Regular access reviews and audits
  • Immediate access revocation upon termination
  • Development environments isolated from production systems

Third-Party Security

We carefully vet all third-party service providers and vendors:

  • Security assessments of all vendors
  • Contractual security requirements
  • Regular vendor security reviews
  • Data processing agreements (DPAs)
  • Vendor risk management program

Your Security Responsibilities

While we provide robust security measures, you also play a crucial role in maintaining security:

Account Security

  • Use strong, unique passwords for your account
  • Enable multi-factor authentication for every user, preferring an authenticator app or hardware security key over SMS codes
  • Keep your contact information up to date
  • Report suspicious activity immediately
  • Regularly review user access and permissions

Device Security

  • Keep devices and apps updated
  • Use device lock screens and encryption
  • Avoid using public Wi-Fi for sensitive operations
  • Log out of shared or public devices
  • Report lost or stolen devices immediately

Security Updates and Communication

We are committed to transparent communication about security:

  • Regular security updates and improvements
  • Proactive communication about security enhancements
  • Timely notification of any security incidents
  • Security best practices and recommendations
  • Annual security reports and assessments

Reporting Security Issues

If you discover a security vulnerability or have security concerns, please contact us immediately:

GreaseIQ Security Team
Email: security@greaseiq.com
Phone: +1 512 555 0199 (24/7 security hotline)
PGP Key: Available upon request

We appreciate responsible disclosure and will work with security researchers to address any identified vulnerabilities promptly.