CaseCrest legal

Security policy

How CaseCrest protects platform integrity, competition data, and participant information.

Effective date: 31 December 2025

CaseCrest is committed to maintaining reasonable and appropriate safeguards to protect platform integrity and user data.

1. Application Security

Industry-standard development practices.
Code reviews and testing prior to production deployment.
Protection against common web vulnerabilities (e.g. injection, CSRF, XSS).
Separation of production, staging, and development environments.

2. Data Security

Encrypted connections (HTTPS).
Encryption of sensitive data at rest and in transit.
Access controls based on least-privilege principles.
Secure third-party infrastructure providers.

3. User Responsibilities

You are responsible for:

Protecting your login credentials.
Using secure devices and networks.
Reporting suspected unauthorised access promptly.

4. Limitations

No system is completely secure. CaseCrest cannot guarantee absolute security and disclaims liability for unauthorised access except where required by law.

5. Responsible Disclosure

Security concerns may be reported to support@casecrest.org.

Questions or disclosures?

Reach our security team at support@casecrest.org for incident reports or questionnaires.

support@casecrest.org

Feedback