Home/Security & Compliance

Security & Compliance

Effective Date: January 01, 2026  ·  Last Updated: May 01, 2026

1. Introduction

At Chigisoft, security, operational reliability, and responsible technology practices are foundational to how we design, build, deploy, and support digital systems.

As a Product Engineering & Technology Services company operating across multiple markets, we recognise the importance of protecting:

  • Client systems
  • Infrastructure
  • Data
  • Applications
  • Operational environments
  • Digital experiences

This page outlines Chigisoft's general approach to security, privacy awareness, operational resilience, and compliance-conscious delivery.

2. Our Security Philosophy

We believe security should be integrated into technology operations—not treated as an afterthought.

Our approach focuses on:

  • Responsible system design
  • Operational discipline
  • Risk awareness
  • Infrastructure resilience
  • Controlled access
  • Continuous improvement

Security practices may vary depending on:

  • Project scope
  • Infrastructure requirements
  • Client environments
  • Compliance obligations
  • Operational complexity

3. Infrastructure & Platform Security

Depending on the engagement, Chigisoft may implement security-focused operational measures such as:

  • Secure hosting environments
  • Access management controls
  • Environment separation (development, staging, production)
  • Infrastructure monitoring
  • Logging and auditing
  • Backup and recovery processes
  • Availability monitoring
  • Role-based permissions
  • Secure deployment workflows
  • Controlled infrastructure access

Infrastructure providers and environments may vary based on project requirements.

4. Access Control & Authentication

Chigisoft seeks to apply responsible access management principles including:

  • Least-privilege access
  • Role-based permissions
  • Credential protection
  • Controlled administrative access
  • Multi-factor authentication where appropriate
  • User access reviews where applicable

Access to systems and operational environments is limited to authorised personnel where reasonably required.

5. Encryption & Data Protection

Where appropriate and commercially reasonable, Chigisoft may implement:

  • Encryption in transit
  • Encryption at rest
  • Secure communication protocols
  • Data handling safeguards
  • Confidentiality obligations
  • Access restrictions

Security measures vary depending on:

  • Infrastructure architecture
  • Service scope
  • Client requirements
  • Third-party providers

6. Monitoring, Logging & Operational Awareness

Operational visibility is important to maintaining system stability and security.

Depending on the environment, Chigisoft may implement:

  • Infrastructure monitoring
  • Application monitoring
  • Event logging
  • Error tracking
  • Performance monitoring
  • Operational alerting
  • Incident awareness procedures

These practices help support operational reliability and issue detection.

7. Backup & Recovery Practices

Where applicable, Chigisoft may implement backup and recovery procedures designed to support:

  • Business continuity
  • Operational resilience
  • Data recovery
  • Infrastructure restoration
  • Service continuity

Backup approaches may vary depending on:

  • Client requirements
  • Infrastructure architecture
  • Hosting environments
  • Service agreements

8. AI Systems & Security Considerations

Certain Chigisoft solutions may involve:

  • AI integrations
  • Workflow automation
  • AI-powered analytics
  • AI readiness assessments
  • Third-party AI systems

We recognise that AI systems may introduce additional considerations including:

  • Data handling risks
  • Operational oversight requirements
  • Third-party dependencies
  • Output validation considerations
  • Automation controls

Where appropriate, we seek to implement commercially reasonable safeguards designed to support responsible AI deployment.

9. Third-Party Providers & Infrastructure

Chigisoft may utilise trusted third-party providers for:

  • Cloud hosting
  • Infrastructure services
  • Analytics
  • Communication systems
  • AI services
  • Monitoring tools
  • Security tooling

Third-party providers operate under their own:

  • Security controls
  • Availability standards
  • Privacy policies
  • Operational practices

While we carefully evaluate providers where appropriate, Chigisoft does not control third-party infrastructure environments.

10. Compliance Awareness

Depending on the engagement, jurisdiction, and operational requirements, Chigisoft seeks awareness of applicable obligations and best practices relating to:

  • Privacy and data protection
  • Operational security
  • Responsible AI implementation
  • Infrastructure reliability
  • Secure software delivery

This may include consideration of frameworks, principles, or obligations associated with:

  • PIPEDA
  • NDPA
  • GDPR principles
  • Industry operational expectations

Unless explicitly stated in writing, references to security or compliance awareness do not constitute formal certifications.

11. Shared Responsibility

Security is a shared responsibility.

Clients and users also play important roles in maintaining secure environments.

Clients are encouraged to:

  • Maintain secure credentials
  • Control internal access appropriately
  • Train personnel responsibly
  • Communicate security concerns promptly
  • Maintain internal governance practices
  • Review access permissions regularly

Security outcomes may depend on client-side operational practices and infrastructure decisions.

12. Incident Awareness & Response

Chigisoft seeks to maintain operational awareness and respond appropriately to identified issues or incidents.

Response activities may vary depending on:

  • Severity
  • Environment
  • Service scope
  • Infrastructure ownership
  • Client agreements

Where applicable, commercially reasonable steps may be taken to:

  • Investigate issues
  • Contain operational impact
  • Restore services
  • Improve operational safeguards

13. Continuous Improvement

Technology, threats, and operational expectations evolve continuously.

Chigisoft seeks to continuously evaluate and improve:

  • Operational practices
  • Security approaches
  • Infrastructure workflows
  • AI governance considerations
  • Delivery methodologies
  • Risk awareness processes

Operational improvements may evolve over time as technologies and business requirements change.

14. Security Limitations

No digital system, infrastructure environment, or internet-based service can be guaranteed to be completely secure.

Users acknowledge that:

  • Security risks exist across digital systems
  • Third-party providers may experience failures or incidents
  • Human error may occur
  • Operational disruptions may happen
  • Sophisticated attacks may bypass safeguards

Chigisoft implements commercially reasonable efforts designed to reduce risk and support responsible operations but cannot guarantee absolute security.

15. Contact Information

🇨🇦 Canada

Chigisoft Limited
Calgary, Alberta, Canada

Email: [email protected]
Phone: +1 825 734 4811

🇳🇬 Nigeria

CHIGISOFT Limited
Port Harcourt, Rivers State, Nigeria

Email: [email protected]
Phone: +234 805 609 5332

Related Policies

Privacy PolicyTerms of UseCookie PolicyResponsible AI Policy

Get the Chigisoft Advantage now!

Find your solution

© 2016 - 2026 CHIGISOFT (A Prevera Company) • Registration: 🇨🇦Canada - 1447679-4 • 🇳🇬Nigeria - RC 1370719. “Chigisoft”, and “DUMO” are registered trademarks of Chigisoft Limited • Port Harcourt RV, Nigeria | Calgary AB, Canada.