Back to home
Legal
Security Policy
Technical and organisational security measures for the YOG Platform.
Version 1.0 · Published 12 June 2026 · Document type: SECURITY_POLICY
1. Security measures
We use TLS encryption in transit, hashed passwords (Argon2), JWT access tokens with refresh rotation, rate limiting, audit logging, and role-based access control for admin functions.
2. Payment security
Card data is handled by Razorpay PCI-DSS compliant infrastructure; YOG does not store full card numbers.
3. Incident response
Suspected breaches should be reported to security@joinyog.com. We notify users and authorities as required by law.
4. Your responsibility
Use strong passwords, enable device security, and log out on shared devices.