LArchade Legal
A
ArchadeLegal
Documents
OverviewTerms of ServicePrivacy PolicyContent License & Contributor AgreementContent & AttributionDataset LicenseDataset Opt-OutHow We Use Public DataAI & Automated ProcessingData Usage & EthicsDMCA & TakedownCookie PolicyIntellectual PropertyEntity ClaimsHiring & Jobs PolicyPayments & SubscriptionsMarketplace TermsCommunity GuidelinesReporting & TakedownsGDPR RightsAccessibility Statement
Security Practices
Active Policy v1.0

Security Practices

Effective Date: January 14, 2026

Security at Archade is treated as a continuous operational process, not a one-time implementation. This document outlines the technical, organizational, and procedural controls used to protect the platform and its data.

1. Security Governance & Scope

Archade applies security controls across:

  • Infrastructure
  • Application code
  • Data storage and access
  • Internal operations
  • Third-party dependencies

Security responsibility is shared across Engineering, Infrastructure, and Legal, with defined escalation paths for incidents and vulnerabilities.

2. Encryption & Data Protection

Data in Transit

  • All network traffic is encrypted using TLS 1.3.
  • HTTPS is enforced across all environments.
  • Secure headers and transport policies are applied to prevent downgrade and interception attacks.

Data at Rest

  • Databases and backups are encrypted at rest using AES-256 or equivalent industry-standard encryption.
  • Secrets and credentials are stored using managed secret storage and are never committed to source control.

3. Access Control & Authentication

Internal Access

  • Access to production systems is restricted to authorized personnel on a least-privilege basis.
  • All internal systems require Multi-Factor Authentication (MFA).
  • Access is logged and reviewed periodically.

User Authentication

  • User authentication is handled via secure, standards-based mechanisms.
  • Passwords are never stored in plaintext.
  • Session management includes expiration, revocation, and anomaly detection.

4. Infrastructure & Application Security

  • Environments are isolated by function (production, staging, development).
  • Automated monitoring is used to detect abnormal activity and system misuse.
  • Dependencies are regularly reviewed and updated to mitigate known vulnerabilities.
  • Critical paths are protected against common web attack vectors (e.g., injection, CSRF, XSS).

5. Incident Response & Breach Handling

Archade maintains a documented Incident Response Plan that includes:

  1. Detection and containment
  2. Impact assessment
  3. Remediation and recovery
  4. Post-incident review

If a personal data breach is confirmed:

  • Affected users will be notified without undue delay
  • Regulatory authorities will be notified within 72 hours, where legally required

6. Third-Party Services

Archade relies on reputable third-party infrastructure and service providers for hosting, storage, payments, and authentication.

  • Vendors are selected based on security posture and compliance maturity
  • Access is limited to what is operationally required
  • Vendor risk is reviewed periodically

7. Vulnerability Disclosure

Archade supports responsible disclosure of security vulnerabilities.

If you believe you have discovered a security issue, report it to:

security@archade.app

Please:

  • Do not publicly disclose the issue before resolution
  • Do not exploit the vulnerability beyond proof of concept
  • Provide sufficient detail to reproduce the issue

We aim to acknowledge reports promptly and resolve valid issues in a timely manner.

8. Limitations

While Archade implements industry-standard safeguards, no system can be guaranteed to be completely secure. Users are responsible for maintaining the confidentiality of their credentials and securing their own devices.

9. Contact

Security-specific inquiries only: security@archade.app

Owner: Engineering

© 2026 Archade Inc.PrivacyTerms
Last updated February 1, 2026

Machine-Readable Feeds

  • AEC News (XML)
  • Projects (JSON)
  • Global (JSON)
  • Signals (XML)
  • Jobs (XML)

Discovery Maps

  • Global Sitemap
  • Projects Graph
  • Organization Index
  • AEC Datasets

Intelligence Routes

  • Discovery Signals
  • Freshness Log
  • Dataset Catalog

© 2026 Archade. All rights reserved.

••Blog•Pricing•Help•Credentials•
Privacy Policy•Terms of Service•Legal•