This document governs use of the JustSwitch API Platform. For contractual SLAs or enterprise terms, refer to your signed order form or contact legal@justswitch.in.
1. Security commitment
JustSwitch implements defence-in-depth controls appropriate for a fintech API platform handling sensitive verification and payment metadata.
2. Technical controls
- TLS 1.2+ for all API and dashboard traffic.
- Encryption at rest for databases and backups.
- Role-based access control, MFA for privileged accounts.
- IP whitelisting for production API tokens.
- Immutable audit logs for financial and admin actions.
- Vulnerability scanning and patch management.
3. Incident response
Suspected breaches must be reported to security@justswitch.in immediately. We will investigate, contain and notify affected partners as required by law and contract.
4. Partner responsibilities
- Secure storage of API keys server-side only.
- Prompt patching of your integration environments.
- Reporting suspicious activity on your account within 24 hours.
Need clarification?
Contact our legal & compliance desk.