Security

Last updated on July 1, 2025

Microlink is committed to protecting the security and privacy of our customers' data.
We implement comprehensive security measures across our infrastructure, applications, and processes to ensure the confidentiality, integrity, and availability of data processed through our services.
For more information about our data processing practices, please see our Data Processing Agreement, Subprocessors, and Privacy Policy.

Infrastructure security

Cloud Infrastructure
  • Multi-cloud architecture across AWS, DigitalOcean, Vercel, and CloudFlare.
  • Enterprise-grade data centers with 24/7 monitoring.
  • DDoS protection and network security measures.
  • Regular security patches and updates.
Data Protection
  • All data encrypted in transit (HTTPS/TLS 1.2+) and at rest.
  • Secure data handling with automatic deletion policies.
  • Isolated customer data processing.
  • Malware detection and content security scanning.

Access & authentication

API Security
  • API key authentication required for all requests.
  • Rate limiting and abuse prevention.
  • Request validation and comprehensive logging.
Administrative Access
  • Multi-factor authentication for all admin access.
  • Role-based access controls with least privilege principles.
  • Regular access reviews and security training.

Monitoring & response

Security Monitoring
  • 24/7 automated security monitoring and alerting.
  • Comprehensive audit logging for all system activities.
  • Regular vulnerability scanning and security assessments.
Incident Response
  • Defined security incident response procedures.
  • GDPR-compliant breach notification (within 72 hours to authorities).
  • Transparent communication with affected customers.

Compliance

Data Protection
  • GDPR compliance with data protection by design.
  • Regular security reviews and policy updates.
  • Comprehensive vendor security management for all subprocessors.
Business Continuity
  • Automated daily backups with geographic distribution.
  • Disaster recovery procedures and regular testing.
  • Defined recovery objectives for critical systems.

Security contact

For security-related questions or to report a vulnerability:
Email:
Subject: Security Inquiry

Responsible disclosure

If you discover a security vulnerability:
  1. Report it to .
  2. Allow reasonable time for investigation and resolution.
  3. Do not publicly disclose until resolved.
  4. Do not access or modify data that doesn't belong to you.
We are committed to working with security researchers to address vulnerabilities quickly and responsibly.