Security & Data Protection

Last updated: [Effective date — e.g. 24 June 2026]

At [Company Legal Name] (“Dacoo”, “we”, “us” or “our”), protecting your data and that of your End Customers is a priority. This statement summarises the measures we take to keep the Dacoo platform (the “Service”) secure.

1. Our Commitment

We apply technical and organisational measures designed to protect the confidentiality, integrity and availability of data processed through the Service, in line with good international practice and applicable Myanmar law.

2. Encryption

Data transmitted between you and the Service is protected using industry-standard encryption (TLS) in transit. Sensitive data at rest is encrypted using strong encryption standards.

3. Access Controls

Access to systems and data is restricted on a least-privilege basis. We use role-based access, strong authentication for staff, and logging of administrative activity.

4. Infrastructure, Hosting and Backups

The Service runs on reputable cloud infrastructure with physical and network security controls. We perform regular backups to support recovery in the event of an incident.

5. Monitoring and Incident Response

We monitor our systems for security events and maintain an incident-response process. If a data breach affecting your personal data occurs, we will notify affected users and authorities as required by applicable law.

6. Your Responsibilities

Security is a shared responsibility. Please use a strong, unique password, keep your credentials confidential, manage team access carefully, and notify us promptly of any suspected unauthorised access.

7. Responsible Disclosure

We welcome reports of security vulnerabilities. If you believe you have found a security issue, please contact us at [security@dacoo.com] and allow us reasonable time to investigate and remediate before public disclosure.

8. Contact Us

For security or data-protection questions, contact [Company Legal Name] at [security@dacoo.com] or by post at StartCity, Thanlynn, Yangon.