Eson Kardul
help@esonkardul.com
+380 33 278 39 50

Security Policy

Last Updated: August 20, 2025

Eson Kardul ("we," "our," or "us") is committed to protecting the security of your personal information and data. This Security Policy outlines the measures we take to safeguard your information when you use our webinar platform and services available at esonkardul.com.

1. Information Security Commitment

We recognize that the security of your data is essential to maintaining your trust. We employ industry-standard security practices and technologies to protect your information from unauthorized access, disclosure, alteration, and destruction.

2. Data Protection Measures

2.1 Technical Security Controls

We implement multiple layers of technical security controls to protect your data:

Encryption: All data transmitted between your device and our servers is encrypted using Transport Layer Security (TLS) protocols. Sensitive data stored in our databases is encrypted at rest using industry-standard encryption algorithms.

Access Controls: We maintain strict access controls to limit who can access your personal information. Access is granted only to authorized personnel who require it to perform their job functions, and all access is logged and monitored.

Firewall Protection: Our network infrastructure is protected by enterprise-grade firewalls that monitor and control incoming and outgoing network traffic based on predetermined security rules.

Intrusion Detection: We employ intrusion detection and prevention systems to identify and respond to potential security threats in real-time.

2.2 Authentication and Authorization

We use secure authentication mechanisms to verify user identities:

Password Security: User passwords are hashed using strong cryptographic algorithms and salted to prevent rainbow table attacks. We enforce password complexity requirements and encourage users to create strong, unique passwords.

Multi-Factor Authentication: We offer multi-factor authentication options to add an additional layer of security to user accounts.

Session Management: User sessions are securely managed with automatic timeout features and secure session tokens that expire after periods of inactivity.

2.3 Infrastructure Security

Our platform is hosted on secure servers with the following protections:

Physical Security: Our data centers implement physical security measures including 24/7 surveillance, biometric access controls, and environmental monitoring systems.

Server Hardening: All servers are configured following security best practices, with unnecessary services disabled and security patches applied regularly.

Network Segmentation: We use network segmentation to isolate different components of our infrastructure and limit the potential impact of security incidents.

3. Application Security

3.1 Secure Development Practices

We follow secure software development lifecycle practices:

Code Reviews: All code changes undergo peer review with security considerations as a primary focus.

Security Testing: We conduct regular security testing including vulnerability scanning, penetration testing, and static code analysis.

Input Validation: All user inputs are validated and sanitized to prevent injection attacks and other common vulnerabilities.

3.2 Third-Party Security

We carefully evaluate the security practices of third-party service providers and vendors. All third parties with access to user data must maintain security standards consistent with this policy and are bound by confidentiality agreements.

4. Data Backup and Recovery

We maintain regular backup procedures to ensure data availability and business continuity:

Backup Frequency: Critical data is backed up daily with incremental backups occurring throughout the day.

Backup Storage: Backups are encrypted and stored in geographically diverse locations to protect against localized disasters.

Recovery Testing: We regularly test our backup and recovery procedures to ensure data can be restored quickly and completely in the event of an incident.

5. Incident Response

5.1 Security Monitoring

We continuously monitor our systems for security threats and anomalous activity. Our security team reviews logs and alerts to identify and respond to potential security incidents promptly.

5.2 Incident Management

In the event of a security incident that may affect your data:

Investigation: We will promptly investigate the incident to determine its scope, nature, and potential impact.

Containment: We will take immediate steps to contain the incident and prevent further unauthorized access or data loss.

Notification: If a security incident results in unauthorized access to your personal information, we will notify affected users in accordance with applicable laws and regulations.

Remediation: We will implement corrective measures to address the root cause of the incident and prevent similar occurrences in the future.

6. User Responsibilities

While we implement robust security measures, the security of your account also depends on your actions:

Account Security: Keep your login credentials confidential and do not share them with others. Choose a strong, unique password for your account.

Device Security: Ensure that devices you use to access our platform are protected with up-to-date security software and operating system patches.

Suspicious Activity: Report any suspicious activity or unauthorized access to your account immediately by contacting us at help@esonkardul.com.

Secure Connections: Access our platform only through secure, trusted networks. Avoid using public or unsecured Wi-Fi networks for sensitive transactions.

7. Data Retention and Deletion

We retain your data only for as long as necessary to provide our services and comply with legal obligations. When data is no longer needed:

Secure Deletion: Data is securely deleted or anonymized using methods that prevent recovery.

User-Initiated Deletion: Users may request deletion of their accounts and associated data by contacting us. We will process such requests in accordance with our data retention policies and legal requirements.

8. Compliance and Certifications

We strive to maintain compliance with applicable data protection and security regulations. Our security practices are regularly reviewed and updated to align with evolving standards and best practices in the industry.

9. Employee Training and Awareness

All employees with access to user data receive regular security training covering:

Security Best Practices: Training on secure handling of sensitive information and recognition of security threats.

Confidentiality Obligations: All employees are bound by confidentiality agreements and understand their responsibilities in protecting user data.

Incident Response: Training on how to identify and report security incidents promptly.

10. Webinar-Specific Security

10.1 Live Session Security

Encrypted Streaming: All webinar streams are encrypted during transmission to prevent interception.

Access Controls: Webinar access is controlled through secure registration and authentication mechanisms. Only authorized participants can join scheduled sessions.

Recording Security: Webinar recordings are stored securely with access controls and encryption to protect content confidentiality.

10.2 Interactive Features Security

Chat Moderation: We provide tools for hosts and moderators to manage participant interactions and remove inappropriate content.

Screen Sharing Controls: Screen sharing and presentation features are controlled by hosts to prevent unauthorized content sharing.

Participant Privacy: Participant information is protected, and we provide options for users to control their visibility and participation level.

11. Payment Security

If our platform processes payments, we implement additional security measures:

PCI Compliance: Payment processing adheres to Payment Card Industry Data Security Standards (PCI DSS) where applicable.

Secure Payment Gateways: We use trusted, certified payment processors to handle financial transactions. We do not store complete credit card information on our servers.

Transaction Monitoring: We monitor transactions for fraudulent activity and maintain secure audit trails.

12. Vulnerability Disclosure

We welcome responsible disclosure of security vulnerabilities. If you discover a potential security issue:

Contact: Please report the issue to help@esonkardul.com with details of the vulnerability.

Responsible Disclosure: We request that you allow us reasonable time to investigate and address the issue before public disclosure.

Recognition: We appreciate the efforts of security researchers and will acknowledge responsible disclosures appropriately.

13. Security Updates and Maintenance

We regularly update our systems to address security vulnerabilities:

Patch Management: Security patches and updates are applied promptly following thorough testing.

Software Updates: We keep all software components, libraries, and dependencies up to date with the latest security fixes.

Security Audits: Periodic security audits and assessments are conducted to identify and address potential vulnerabilities.

14. International Data Transfers

As an international platform, your data may be transferred to and processed in countries other than your own. When we transfer data internationally:

Security Standards: We ensure that appropriate security measures are in place to protect your data regardless of where it is processed.

Transfer Mechanisms: We use legally recognized mechanisms for international data transfers to ensure adequate protection.

15. Limitations and Disclaimers

While we implement comprehensive security measures, please be aware:

No Absolute Security: No security system is completely impenetrable. We cannot guarantee absolute security of your data against all possible threats.

User Actions: We are not responsible for security breaches resulting from user actions such as sharing login credentials or falling victim to phishing attacks.

Third-Party Links: Our platform may contain links to third-party websites. We are not responsible for the security practices of external sites.

16. Changes to This Policy

We may update this Security Policy periodically to reflect changes in our security practices or legal requirements. When we make significant changes:

Notification: We will notify users of material changes through email or prominent notice on our platform.

Effective Date: The updated policy will include the date of the most recent revision.

Continued Use: Your continued use of our services after changes are posted constitutes acceptance of the updated policy.

17. Contact Information

If you have questions, concerns, or requests regarding this Security Policy or the security of your data, please contact us:

Email: help@esonkardul.com
Phone: +380332783950
Address: vul. Kos-Anatolskoho, 10, Lviv, Lviv Oblast, Ukraine, 79000

We are committed to addressing your security concerns promptly and transparently.

Your Security Matters

At Eson Kardul, protecting your data is our priority. We continuously invest in security technologies and practices to ensure that your information remains safe while you focus on gaining valuable knowledge through our webinar platform. Thank you for trusting us with your learning journey.