Security

Security

This page gives an overview of the security procedures that we follow while building the MintWin.xyz platform and product.

Payments

We process payments with fully PCI-compliant service providers. They are certified with PCI DSS v3.2.1 compliance.

MintWin.xyz does not process or store any payment information.

Privacy

MintWin.xyz does not share or sell any of your data with other sources. You can read more information about how seriously we take your privacy at https://mintwin.xyz/privacy-policy.

Infrastructure

We use WP Engine to host our technical infrastructure and servers. Their platform has the following compliance: PCI-DSS Level 1 Service Provider, ISO 27001 certified, and SOC 2 Type II.

Development Process

We employ both internal and external testing and validation of our development process.

Our application and code are scanned for static and dynamic code vulnerabilities. All engineers receive training and guidance regarding best-in-industry level security practices.

Encryption

Data is encrypted in transit and at rest. We work with various services to encrypt the data stored in our database and cache.

CloudFlare enforces strict HSTS SSL encryption across the MintWin.xyz site and API.

Incident Response

All engineers are trained in incident response. We have systems monitoring the performance and reliability of our servers 24×7.

Engineers serve rotating on-call rotations and are able to respond to incidents in a timely manner.

Contact

If you have questions or have found a suspected vulnerability, you can contact us at help@mintwin.xyz.