hello@zarqnix.com
Visakhapatnam, Andhra Pradesh · India
Security
Our principles
Every credential we handle is signed with Ed25519 and anchored to a Merkle transparency log. Tamper-evidence is built in at the protocol layer, not bolted on.
Production access is gated, audited, and time-bound. No engineer holds standing credentials to customer data. Every access decision is logged and reviewable.
All data is encrypted in transit (TLS 1.3) and at rest (AES-256). Sensitive fields are additionally encrypted at the application layer with per-tenant keys.
We build on W3C Verifiable Credentials, OpenID Connect, and other open specs. Auditable cryptography beats clever cryptography every time.
We collect the minimum data necessary, retain it for the shortest time possible, and give users complete control over what is shared and with whom.
If you find a vulnerability, tell us at security@zarqnix.com. We acknowledge within 24 hours and resolve critical issues within 7 days.
Certifications & compliance
Where we stand today — updated as audits complete.
Responsible disclosure
We treat security reports as a gift. Email with a description of the issue and steps to reproduce. We will acknowledge within 24 hours, keep you updated throughout, and credit you publicly — with your permission — once the fix ships.
We do not pursue legal action against researchers acting in good faith. We ask only that you give us a reasonable time to investigate and fix before public disclosure.