'%3e%3cg%20id='Сгруппировать_47'%20data-name='Сгруппировать%2047'%3e%3cpath%20id='Контур_74'%20data-name='Контур%2074'%20d='M46.58,42.194l-.494.964-.644-.329L46.788,40.2l.643.329-.494.966,2.529,1.294-.357.7Z'%20fill='%23ffde5f'%3e%3c/path%3e%3cpath%20id='Контур_75'%20data-name='Контур%2075'%20d='M47.835,38.811l1.176-1.128a1.421,1.421,0,0,1,1-.458,1.127,1.127,0,0,1,.792.384,1.107,1.107,0,0,1,.213,1.327l1.511.316-.662.635L50.516,39.6l-.437.419.789.824-.566.543Zm2.338.157a.519.519,0,0,0,.078-.787c-.233-.242-.522-.2-.8.058l-.563.539.709.74Z'%20fill='%23ffde5f'%3e%3c/path%3e%3cpath%20id='Контур_76'%20data-name='Контур%2076'%20d='M52.337,37.592l-.806-1.873.722-.311.8,1.856c.229.533.615.695,1.055.506a.738.738,0,0,0,.369-1.091L53.668,34.8l.721-.311.795,1.851a1.437,1.437,0,0,1-.8,2.1A1.416,1.416,0,0,1,52.337,37.592Z'%20fill='%23ffde5f'%3e%3c/path%3e%3cpath%20id='Контур_77'%20data-name='Контур%2077'%20d='M56.282,37.148l.428-.583a1.636,1.636,0,0,0,1.089.365c.32-.021.5-.159.491-.378-.013-.2-.141-.292-.745-.407-.728-.138-1.2-.307-1.248-1.023a1.116,1.116,0,0,1,1.177-1.151,2.066,2.066,0,0,1,1.35.369l-.369.615a1.678,1.678,0,0,0-.947-.292c-.3.019-.449.166-.438.349.016.233.173.3.8.419.733.142,1.156.376,1.2,1.006.045.707-.469,1.136-1.236,1.185A2.268,2.268,0,0,1,56.282,37.148Z'%20fill='%23ffde5f'%3e%3c/path%3e%3cpath%20id='Контур_78'%20data-name='Контур%2078'%20d='M61.185,35l-1.052-.26.172-.7,2.868.708-.173.7-1.053-.26-.682,2.758-.761-.187Z'%20fill='%23ffde5f'%3e%3c/path%3e%3cpath%20id='Контур_79'%20data-name='Контур%2079'%20d='M63.553,36.777a1.835,1.835,0,0,1,2.579-.521,1.96,1.96,0,0,1,.907,1.178l-.741.229a1.313,1.313,0,0,0-.584-.814,1.131,1.131,0,0,0-1.187,1.919,1.253,1.253,0,0,0,.736.225l.28-.427-.662-.433.371-.568,1.3.849-.849,1.3a2.318,2.318,0,0,1-1.587-.361A1.791,1.791,0,0,1,63.553,36.777Z'%20fill='%23ffde5f'%3e%3c/path%3e%3cpath%20id='Контур_80'%20data-name='Контур%2080'%20d='M67.122,39.715l1.66-1.185.456.64-1.644,1.172a.752.752,0,0,0-.27,1.139.737.737,0,0,0,1.144.129l1.665-1.187.455.64-1.639,1.169a1.437,1.437,0,0,1-2.221-.339A1.416,1.416,0,0,1,67.122,39.715Z'%20fill='%23ffde5f'%3e%3c/path%3e%3cpath%20id='Контур_81'%20data-name='Контур%2081'%20d='M71.72,43.955l.183.7-3.091,2.382-.206-.794.692-.516-.379-1.459-.856-.115-.2-.773ZM69.9,45.281l1-.749-1.238-.168Z'%20fill='%23ffde5f'%3e%3c/path%3e%3cpath%20id='Контур_82'%20data-name='Контур%2082'%20d='M72.309,47.937l-.18,1.621a1.423,1.423,0,0,1-.476.994,1.126,1.126,0,0,1-.854.212,1.108,1.108,0,0,1-1.015-.882l-1.362.725.1-.913,1.221-.643.066-.6-1.134-.126.086-.78Zm-1.9,1.379c-.043.379.136.62.444.655.335.037.533-.177.575-.557l.087-.775L70.5,48.526Z'%20fill='%23ffde5f'%3e%3c/path%3e%3cpath%20id='Контур_83'%20data-name='Контур%2083'%20d='M71.4,52.782l-.642,1.233A1.785,1.785,0,1,1,67.6,52.37l.642-1.232ZM68.228,52.7a1.075,1.075,0,0,0,1.907.992l.279-.537-1.906-.993Z'%20fill='%23ffde5f'%3e%3c/path%3e%3c/g%3e%3cpath%20id='Контур_84'%20data-name='Контур%2084'%20d='M66.289,54.615l-.039-.022a10.365,10.365,0,0,1-17.892-9.309c-.878-.131-1.647-.217-2.479-.318l-.658-.1-.1-.023A13.623,13.623,0,0,0,68.751,56.681,2.6,2.6,0,0,1,66.289,54.615Z'%20fill='%23ffde5f'%3e%3c/path%3e%3c/g%3e%3c/svg%3e)
Trust Statement
This Trust Statement describes the general security, confidentiality and operational practices of PT. TRUSTGUARD PRO TRADE ("Company", "we", "us", "our") in connection with software development, implementation, integration, support, maintenance and related technology services.
This statement is provided for general informational purposes. Project-specific security, hosting, backup, audit, support, incident notification or compliance requirements are agreed separately in the applicable proposal, Statement of Work, service agreement or security addendum.
1. Our Role
The Company provides B2B software development and technology services.
The Company acts solely as a technology services provider. We do not provide banking, payment, e-money, investment, lending, crypto-asset, wallet, custody, remittance, acquiring, card issuing or other regulated financial services.
Where a client project involves regulated functionality, the client and/or its licensed providers remain responsible for all required licences, approvals, KYC/AML, sanctions screening, transaction monitoring, customer onboarding, customer disclosures and other regulated obligations.
2. Security Approach
The Company applies reasonable technical and organisational measures designed to protect client information, project materials, access credentials, source code and systems accessed in connection with our services.
Our approach may include:
- controlled access to client and project resources;
- access on a need-to-know basis;
- confidentiality obligations for personnel and contractors;
- secure handling of credentials, tokens and access keys;
- reasonable separation of development, testing and production environments where applicable;
- code review and testing practices appropriate to the project;
- incident escalation and client notification procedures;
- responsible use of third-party tools and service providers.
3. Access Control
Access to client systems, repositories, documents and environments is limited to personnel who require access for the agreed project.
Where supported by the relevant tools or platforms, we use access controls, user permissions and authentication measures to reduce the risk of unauthorised access.
Access may be reviewed, changed or removed when personnel roles change, project requirements change or the engagement ends.
4. Confidentiality
Personnel, contractors and service providers who may access client information are expected to maintain confidentiality and use such information only for the purpose of providing the agreed services.
Client information is not used for unrelated purposes without the client's permission.
5. Credentials and Client Access
Credentials, API keys, tokens, passwords and other access details provided by clients must be handled with care and used only for the agreed project.
Where possible, clients are encouraged to provide individual user accounts, limited permissions and temporary access rather than shared or permanent credentials.
Access to production systems should be limited and granted only where necessary for delivery, troubleshooting, deployment or support.
6. Software Development Practices
The Company follows practical software development practices appropriate to the nature and scope of each project.
These may include:
- project planning and documentation;
- source code management;
- peer review or code review where appropriate;
- testing before release;
- issue tracking and change management;
- use of reputable development tools and frameworks;
- reasonable review of third-party libraries and dependencies.
Specific development, testing, release, documentation or quality assurance requirements are agreed separately in the applicable project documents.
7. Data Protection
Where the Company processes personal data on behalf of a client, it does so only for the purpose of providing the agreed services and in accordance with the applicable agreement, Privacy Policy and Data Processing Agreement, where applicable.
The Company does not intentionally process sensitive personal data unless this is required for a specific project and agreed in writing with the client.
8. Backups and Recovery
Backup, recovery, disaster recovery, uptime and availability requirements depend on the hosting model, project architecture and client requirements.
Unless expressly agreed otherwise, project-specific backup schedules, retention periods, recovery time objectives, recovery point objectives and disaster recovery procedures are defined in the applicable Statement of Work, service agreement or hosting arrangement.
9. Incident Response
If the Company becomes aware of a security incident affecting client information or systems under its responsibility, it will take reasonable steps to assess, contain and address the incident.
Where the incident affects client data or client systems, the Company will notify the client without undue delay and cooperate reasonably with the client's investigation and remediation efforts.
The client remains responsible for regulatory notifications, customer notifications and other legal obligations unless otherwise agreed in writing.
10. Third-Party Providers
The Company may use third-party tools and service providers for hosting, development, communication, project management, analytics, security, backup, accounting or other business purposes.
The Company uses reputable providers and applies reasonable contractual or operational safeguards where third-party providers may process client data or personal data.
Use of specific hosting providers, cloud platforms, tools or subprocessors may be agreed separately with the client.
11. Client Responsibilities
Clients are responsible for:
- providing accurate project requirements;
- granting appropriate and limited access to systems;
- maintaining security of their own accounts, systems and environments;
- ensuring they have the right to provide data and materials to the Company;
- reviewing and testing deliverables before production use;
- complying with laws and regulations applicable to their business and users.
12. No Certification Claims
Unless expressly stated in writing, PT. TRUSTGUARD PRO TRADE does not claim to be certified under ISO 27001, SOC 2, PCI DSS or any other specific security certification.
The Company's controls are intended to be aligned with reasonable industry practices for software development and technology services, but project-specific compliance requirements must be agreed separately.
13. Contact
For security-related questions, please contact:
PT. TRUSTGUARD PRO TRADE
Address: Jalan Ratna Nomor 80, Kota Denpasar, Provinsi Bali, Kode Pos 80239, Indonesia
Email: security@trustguard.group
Phone: +44 7488 818410
Website: https://trustguard.group