PhiDesk.io implements enterprise-grade security measures to protect your data, manuscripts, and financial information. We adhere to international standards and best practices to ensure complete confidentiality and data integrity.
All data transmission is encrypted using TLS 1.3 protocol. Manuscripts and sensitive information are encrypted both in transit and at rest using AES-256 encryption.
Enhanced account security with optional 2FA via SMS, email, or authenticator apps. Multi-layered access control for administrator accounts.
Quarterly security assessments by independent third-party experts. Continuous vulnerability scanning and penetration testing to identify and fix potential risks.
Daily automated backups with 30-day retention. Geo-redundant storage across multiple data centers ensures data availability and disaster recovery.
Role-based access control (RBAC) ensures users only access data relevant to their roles. Detailed audit logs track all system activities.
24/7 security monitoring with automated threat detection. Immediate alerts for suspicious activities and unauthorized access attempts.
Hosted on ISO 27001 certified cloud infrastructure. Firewalls, intrusion detection systems, and DDoS protection safeguard our servers.
Full compliance with GDPR, Indian IT Act 2000, and international data protection regulations. Regular compliance audits and updates.
SFTP and encrypted upload/download mechanisms for manuscript handling. Virus scanning on all uploaded files before processing.
We maintain compliance with international standards and regulations
Information Security
EU Data Protection
Indian Cyber Law
Payment Security
We collect only essential information required to provide our services: account details, manuscripts, communication logs, and payment information. We never sell or share your data with third parties for marketing purposes.
Your data is used exclusively to deliver our publishing services, improve platform performance, and provide customer support. Analytics data is aggregated and anonymized for service optimization.
You have the right to access, correct, export, or delete your personal data at any time. You can withdraw consent for data processing and opt-out of non-essential communications.