Security Practices

Part A: aiaiyoo.com Platform — Document 10 of 20

Table of Contents

1. Encryption (AES-256-GCM)2. Access Control (RBAC)3. Infrastructure (AWS Mumbai)4. CERT-In Breach Response 5. Penetration Testing 6. Incident Response (72 Hours)7. Employee Security 8. Audit Trail

Bank-grade encryption (AES-256). Data stays in India. Role-based access control. If breach occurs: CERT-In notified within 6 hours, users within 72 hours. Regular security testing. Complete audit trail.

1. Encryption (AES-256-GCM)

[Full legal text from AIAIYOO_EXXAMS_Legal_Pack_v2_Bulletproof.docx — Document 10, Section 1]

2. Access Control (RBAC)

[Full legal text from AIAIYOO_EXXAMS_Legal_Pack_v2_Bulletproof.docx — Document 10, Section 2]

3. Infrastructure (AWS Mumbai)

[Full legal text from AIAIYOO_EXXAMS_Legal_Pack_v2_Bulletproof.docx — Document 10, Section 3]

4. CERT-In Breach Response

[Full legal text from AIAIYOO_EXXAMS_Legal_Pack_v2_Bulletproof.docx — Document 10, Section 4]

5. Penetration Testing

[Full legal text from AIAIYOO_EXXAMS_Legal_Pack_v2_Bulletproof.docx — Document 10, Section 5]

6. Incident Response (72 Hours)

[Full legal text from AIAIYOO_EXXAMS_Legal_Pack_v2_Bulletproof.docx — Document 10, Section 6]

7. Employee Security

[Full legal text from AIAIYOO_EXXAMS_Legal_Pack_v2_Bulletproof.docx — Document 10, Section 7]

8. Audit Trail

[Full legal text from AIAIYOO_EXXAMS_Legal_Pack_v2_Bulletproof.docx — Document 10, Section 8]

Grievance Officer

Name: Grievance Officer, aiaiyoo Technologies Pvt. Ltd.
Email: grievance@aiaiyoo.com
Response Time: 15 working days
Address: India