This Security Overview describes the high-level safeguards implemented by Minotaur.io LLC to protect personal information processed through Minotaur Sales and Minotaur ATS.

1. Infrastructure Security

• Cloud-hosted environments with logical tenant isolation
• Encryption in transit (TLS 1.2 or higher)
• Encryption at rest for sensitive data
• Network-level access restrictions

2. Access Controls

• Role-based access controls (RBAC)
• Least privilege principles
• Multi-factor authentication for administrative access
• Periodic access reviews

3. Logging & Monitoring

• Logging of reveal events, exports, and administrative actions
• Monitoring for anomalous activity
• Automated alerting for suspicious patterns

4. Data Lifecycle Controls

• Time-bound reveal entitlements
• Structured refresh and purge schedules
• Suppression workflows for removed data
• Audit log retention policies

5. Incident Response

Minotaur maintains documented incident response procedures. In the event of a confirmed data breach, affected parties will be notified in accordance with applicable law.

6. Subprocessors

Minotaur engages carefully selected subprocessors under contractual data protection obligations. A current list of subprocessors is available on our website.

7. Continuous Improvement

Security practices are reviewed periodically and updated as necessary to address evolving risks and regulatory expectations.

No platform can guarantee absolute security. The safeguards described above are designed to reduce risk and continuously improve platform resilience.