Incident Response and Security Policy
How we handle security incidents and maintain platform security
Despite our best efforts and rigorous audits, security incidents are an inevitable part of any online business. Your security is important to us, and we are fully committed to both your security and that of our platform. We maintain a culture of transparency and honesty, which extends to our approach for reporting security incidents. In the event of a security incident, Appbox will take the following actions:
- If necessary, we will restrict connections to affected Appbox servers to resolve the incident quickly
- As soon as any incidents are reported or discovered, we will publish details on our communication channels including:
- Our website
- Our status page
- Email notifications to affected clients
We will also start emailing affected clients directly, though it may take some time for all communications to be dispatched.
If you're experiencing issues with your services, please check our status page. It's most likely you will see maintenance work related to your service. If there is no ongoing maintenance, feel free to open a support ticket so we can investigate your issues and guide you accordingly.
Policies
To maintain trust, we have published several important documents that detail how we operate. We strive to be as transparent as possible about what information we collect, how we store it, and how we use it.
- Content Abuse Policy
- Subprocessors & Cookies Policy
- Bug Bounty Program
- Global Privacy Practices
- Password Policy
- Service Level Agreement
- Data Handling Policy
- Refund Policy
- Sensitive Data Removal Policy
- Terms of Service
Security-First Infrastructure
- We carefully assess third-party partners and vendors for both suitability and security risk. We ensure the right technical and contractual commitments are in place for all partnerships.
- We use enterprise-grade, high-availability data centers with your availability and security in mind—all with rigorous physical security measures.
- We implement private VLANs within our network infrastructure to isolate customer data, enhance security, and prevent potential network-level intrusions. Our in-house networking team manages these VLANs to ensure optimal security.
How You Can Help
As described in our Terms of Service and across our security documentation, we take extensive measures to ensure Appbox is secure. You can help us protect the platform further by:
- Following our Password Policy
- Being careful about account sharing—never share your account with people you don't know or trust
- Notifying Appbox immediately if you notice any unauthorized access to your account, including any suspicious use of your password
- Enabling two-factor authentication (2FA) on your account
Reporting Security Concerns
- Security Events: Please notify Appbox immediately to report a security event, such as unauthorized account usage or a suspected data breach
- Vulnerabilities: Please visit our Bug Bounty Program for detailed information on reporting vulnerabilities and potential rewards
- Sensitive Data: If you need sensitive data removed from Appbox, please refer to our Sensitive Data Removal Policy
- Content Abuse: Read our Content Abuse Policy to understand how you can report copyright or content abuse issues