Last updated 30 June 2026
On this page
Web of Wave is committed to maintaining appropriate administrative, technical, and organisational measures to help protect the confidentiality, integrity, and availability of the information entrusted to us.
This Security Policy provides an overview of our security principles and practices. It should be read together with our Privacy Policy, Data Retention Policy, Acceptable Use Policy, and Terms & Conditions. This document describes our general security approach and does not disclose confidential technical security controls, infrastructure configurations, or operational procedures.
1. Business Information#
New Delhi – 110096
India
2. Purpose#
The objectives of this Security Policy are to:
- Protect client information.
- Protect personal information.
- Safeguard confidential business information.
- Reduce cybersecurity risks.
- Promote secure development practices.
- Support business continuity.
- Encourage responsible security reporting.
3. Scope#
This Policy applies to:
- Our website.
- Client projects.
- Web applications.
- APIs.
- Hosting environments managed by Web of Wave.
- Development environments.
- Cloud services used by Web of Wave.
- Project documentation.
- Client communications.
4. Security Principles#
Web of Wave seeks to operate its services according to the following principles:
- Confidentiality.
- Integrity.
- Availability.
- Least Privilege.
- Defence in Depth.
- Secure by Design.
- Privacy by Design.
- Continuous Improvement.
Security controls are reviewed and improved as our services evolve.
5. Security Measures#
Where appropriate and reasonably practicable, Web of Wave may implement measures including:
- Authentication controls.
- Role-based access management.
- Encryption during transmission where supported.
- Secure password practices.
- Secure software development practices.
- Access logging.
- Backup procedures.
- Security monitoring.
- Software updates.
- Vulnerability management.
- Secure deployment processes.
The specific technical implementation of these controls may vary depending on the nature of the project, technology stack, and operational requirements.
6. Secure Development#
Web of Wave seeks to incorporate security considerations throughout the software development lifecycle. Depending on the project, this may include:
- Secure coding practices.
- Dependency review.
- Input validation.
- Authentication and authorization controls.
- Error handling.
- Secure configuration.
- Logging and monitoring.
- Security testing prior to deployment where appropriate.
7. User Responsibilities#
Clients and users also play an important role in maintaining security. Users are encouraged to:
- Use strong passwords.
- Protect login credentials.
- Enable multi-factor authentication where available.
- Keep devices and browsers updated.
- Report suspected security incidents promptly.
- Avoid sharing confidential credentials through insecure channels.
8. Third-Party Services#
Some services provided by Web of Wave rely on independent third-party providers, including cloud hosting providers, domain registrars, payment processors, analytics providers, and communication platforms.
While we seek to work with reputable providers, each third-party service remains responsible for the security of its own infrastructure and services.
9. Reporting Security Concerns#
If you believe you have identified a security issue relating to the Web of Wave website or services, please notify us promptly by emailing webofwave@gmail.com. Please include:
- Description of the issue.
- Steps to reproduce (if safe and appropriate).
- Affected page or service.
- Supporting evidence, where available.
- Contact information for follow-up.
We appreciate responsible and good-faith reporting of potential security issues.
10. Security Incident Handling#
Upon receiving a legitimate security report, Web of Wave may:
- Acknowledge receipt.
- Assess the reported issue.
- Prioritise remediation based on risk.
- Investigate the matter.
- Implement corrective measures where appropriate.
- Communicate with the reporter where reasonably practicable.
Response times may vary depending on the complexity and severity of the reported issue.