Security Policy

Last Modified: May 23, 2018

1. Security Policy- Customer Portal Ezypro Management System Solution.

This Security Policy demonstrates our firm commitment to maintaining the security of your personal information and business details. The following discloses our information gathering and dissemination practices

2. Site Certificate Information

Whenever you submit personally identifiable or business identifiable information or transfer other information and documents to and from the Customer Portal, you will be doing so through our secure servers.

Karminn EzyPro SaaS service allows only secure browsers access to the service. The browser's "secure mode" is in place only when you are logged in to the service. You will be able to tell that you are in a secure mode when your browser displays a special icon on the lower bar of your browser window or otherwise indicates the presence of a secure connection

Every secure page (i.e. every part of the user interface) on the customer portal has been secured with a digital certificate. This is shown via the “site certificate” that is resident on all secure pages. To view this certificate, click on the image of the closed lock on the bottom bar of your browser window. A small frame displaying site security information will appear. This allows you to verify the site certification authority and that you are in fact on Karminn.com or a sub-domain of karminn.com

3. User Identification

Only the authorised users of a EzyPro customer Portal can see the workspace and access its contents. Each user can set his/her own password for the Portal. The users’ passwords are stored in application-controlled logins which are hashed and stored using SHA-1 cryptography and are not accessible to employees of Karminn. User names are the email ids generated by site Administration:

After the required registration information assigned by a site administrator for a new user., you will be able to access your user account immediately by clicking on the mail link. The initial password is generated automatically as part of the registration process. If you have forgotten your password, or your password is not working for some reason, you can activate the forgot password feature to have the password reset and sent to your registered email.

The acceptable minimum password length is 6 characters. We recommend that you use a random combination of letters, numbers, and cases to provide added protection.

Each time you login to the service you will be required to authenticate your identity by entering your previously supplied username and password. Upon successful login, you are issued a unique "session id" which allows you to remain active as long as actions are performed in the system at least once every 30 minutes, after which any further actions require you to re-enter your username and password. If an incorrect password is supplied, or if you simply forget your password, you may need to reestablish your identity following the instructions above.

After an undisclosed number of unsuccessful login attempts, you will be locked out.

4. Protection Of Information Being Transmitted 

We use encryption technology to ensure the safe transmission of your information and documents when logged into the system. Your browser provides security by allowing us to use Secure Socket Layer (SSL) encryption up to 128-bit key length encryption when transmitting information and documents. The number of bits of secret key length varies between 40 and 128 depending on your browser’s capability. The highest available bit length is always used.

All communication between your computer and Customer Portal SaaS server is encrypted using SSL.

5. Protection Of Stored Information

Karminn takes many measures to protect client information while it is stored, including:

  • Utilizing firewalls to protect our dedicated servers in world class data centres .The firewall is a barrier to unauthorized users to prevent access to our systems.

  • Three sets of your data stored, one kept separated to protect from digital intrusion (hacking), malicious viruses and for physical separation.

  • All data on Ipad cleared on upload to servers

  • Named Karminn employees have administrative privileges to the customer Portal service to add new features and administer existing portal services based on user requests and needs.

  • All employees at Karminn as well as all suppliers providing services to operate the customer Portal are bound by a confidentiality and non-disclosure agreement prohibiting access to and dissemination of information handled by the company’s clients

  • In addition to client data, some personal information is stored in our databases and in browser cookies. For a complete list of what personal and demographic information is stored please refer to our Privacy Policy

  • Monitoring of application activity logs to identify any unusual activity, from authorized and/or unauthorized individuals accessing our systems is routine.

6. Internet Connection And Server Architecture 

  • Large bandwidth redundant Internet connections to one of the main Internet connection points and redundant routers with fail-over configuration.

  • Redundant firewalls with filters and fail-over configuration.

  • Application and Web servers in the form of several multi-processor servers.

  • LAN with redundant network switches and fail-over configuration.

  • Highly secure computer facilities with cooling systems, UPS, backup systems and fire protection in world class modern cloud data centres.

7. Backup Routines

  • Mirrored database servers’ RAID- system.

  • All backups are encrypted.

  • An incremental backup that saves changes made to files over the last 24 hours is performed every day Possibility to restore A full backup is performed weekly.

  • Karminn has implemented routines for restoring backed up data.

8. Accessibility

Karminn undertakes to provide the customer access to the Customer Portal services as specified in the Terms of Use, and as set forth from time to time on the customer poṛtal. In the event of any conflict between this policy, the information on the terms of use on the portal take precedence.

Karminn undertakes to adopt reasonable measures in order to ensure that the Customer Portal service is available over the Internet around the clock, seven days a week Karminn shall be entitled to take measures that affect the aforementioned accessibility where Cuṣtomer Portal deems such to be necessary for technical, maintenance, operational, or security reasons.

The customer shall be aware and acknowledges that the customer's access to the Internet cannot be guaranteed and that Karminn shall not be liable for deficiencies in the customer's own Internet connections.

In the event of defects or deficiencies attributable to Karminn customer Portal SaaS, Karminn undertakes to act to rectify such defect without unreasonable delay.

In the absence of intent or gross negligence by Karminn. Karminn otherwise assumes no responsibility for defects or deficiencies in the Karminn customer Portal SaaS service.

Error notification must be given by the customer in accordance to the instructions announced by Karminn from time to time and within a reasonable time of the discovery of the defect.

9. Your Consent

By using our customer portal, you consent to our CUSTOMER PORTAL SECURITY policy.