Security Policy

Effective Date: 01/12/2025

1. Purpose and Scope

This Information Security Policy outlines the security commitments implemented by DIGISKINS LTD in connection with the operation of the online platform available at https://ironskinz.r-one.dev (the “Platform”).

The objective of this Policy is to describe the measures applied to protect digital resources, user interactions, data, and technical infrastructure from unauthorized access, misuse, disruption, loss, or compromise.

This Policy applies to all users of the Platform, Company employees, contractors, service providers, and any other parties granted access to systems, data, or operational environments associated with the Platform.

The Company maintains its security framework in line with recognised international cybersecurity principles and applicable legislation of the United Kingdom and the European Union, including data protection and information security requirements.

2. Security Objectives

The Company operates a structured security framework designed to:

  • protect user identifiers, operational information, and virtual assets;
  • ensure stable and continuous availability of the Platform;
  • reduce exposure to cyber threats, abuse, and unauthorized activities;
  • promptly identify, assess, and address security incidents;
  • comply with legal and regulatory obligations related to data protection and cybersecurity.

Security measures are reviewed on an ongoing basis to remain effective under changing technical and regulatory conditions.

3. Core Security Principles

The Company’s approach to information security is based on the following principles:

  • controlled access to confidential and sensitive information;
  • preservation of data accuracy and system integrity;
  • operational resilience to maintain service availability;
  • clearly defined responsibilities for security compliance;
  • continuous improvement of safeguards to address evolving risks.

4. Technical Safeguards

4.1 Data Transmission and Storage Protection

All communications between users and the Platform are secured using modern encryption technologies. Sensitive operational and system-related data is stored in protected environments applying industry-standard security mechanisms.

4.2 Infrastructure Environment

The Platform operates on professionally managed hosting infrastructure located within the European Union. Administrative access is strictly limited and monitored. Backup systems are implemented to enable recovery in the event of technical failures or security incidents.

4.3 Network Security Controls

Network-level security measures, including traffic filtering, intrusion monitoring, and automated mitigation tools, are applied to defend against unauthorized access attempts, denial-of-service attacks, and automated abuse.

4.4 Access Control Mechanisms

User authentication is performed exclusively through official Steam authentication mechanisms. Actions requiring elevated privileges are subject to enhanced verification. Internal access rights are periodically reviewed and adjusted as necessary.

4.5 Monitoring and Logging

System events, user actions, and transactions are logged for security analysis, operational stability, and investigation of potential misuse. Logs are retained for a defined minimum period in accordance with operational and security requirements.

5. Organisational Measures

5.1 Internal Access Management

Access to systems and data is granted to employees and contractors strictly in accordance with operational necessity. Permissions are reviewed on a regular basis.

5.2 Staff Awareness and Training

Individuals involved in Platform operations receive guidance on information security practices. Awareness measures are conducted to reduce the risk of credential compromise and social engineering attacks.

5.3 Security Incident Handling

The Company maintains procedures for identifying, handling, and documenting security incidents. Incidents are assessed proportionately to their impact. Users may be notified where required by law or where reasonably necessary.

5.4 Risk Assessment

Technical and operational risks are evaluated periodically. The Company may engage internal or external specialists to review the effectiveness of its security controls.

6. User Responsibilities

Users are responsible for maintaining the security of their connected Steam accounts and preventing unauthorized access to their credentials. Suspected security issues must be reported to the Company without delay.

Failure to comply with these obligations may result in restricted access or loss, for which the Company bears no responsibility.

7. Relationship with Other Policies

This Policy shall be interpreted together with other governing documents of the Platform, including:

  • Terms of Service
  • Privacy Policy
  • Cookie Policy
  • Refund & Chargeback Policy

Collectively, these documents define the legal and operational framework governing use of the Platform.

8. Disclaimer of Absolute Security

While the Company applies reasonable and up-to-date security measures, no digital system can be guaranteed to be entirely risk-free. The Company shall not be responsible for security incidents caused by third-party services or systems outside its control, including authentication providers or payment processors.

9. Policy Updates

This Policy may be amended to reflect changes in operational practices, technology, or legal requirements. Updated versions take effect upon publication on the Platform.

10. Contact Information

DIGISKINS LTD
167–169 Great Portland Street, Fifth Floor
London, United Kingdom, W1W 5PF
Email: [email protected]
Website: https://ironskinz.r-one.dev