Itqan Tools

How we approach security

At Itqan we take the security of your data seriously. We aim to provide a trustworthy environment for every user. Our services rely on modern practices and international benchmarks to protect personal information and files.

Security standards

We align with ISO/IEC 27001 and widely recognised principles for information security management.

Data protection

Encryption & safeguards

TLS encryption (data in transit)

Data in transit is protected with modern SSL/TLS.

Secure storage

Files are stored on reliable infrastructure with regular backups.

Key management

Encryption keys are handled with strict confidentiality.

Secure deletion

Secure deletion so files cannot be recovered using recognised wiping standards.

Privacy approach

We collect only the personal data needed to deliver the service.
We do not sell or share user data with third parties for marketing.
You can access, correct, or request deletion of your data where applicable.
We strive to comply with relevant privacy laws and regulations.
We run periodic reviews to verify ongoing compliance.

Security features

Two-factor authentication

Two-factor authentication adds another layer using a code from your phone.

Password reset

A safe, straightforward way to regain access if you forget your password.

Secure sessions

Inactive sessions expire automatically to reduce unauthorised access.

Activity logging

Logging of sign-ins and sensitive actions to spot suspicious activity.

Infrastructure security

Component	Protection	Details
Firewalls	Active	Advanced firewalls to filter suspicious traffic.
Intrusion detection	Continuous monitoring	IDS/IPS capabilities to detect and block intrusion attempts.
Server monitoring	24/7	Around-the-clock monitoring for availability and performance.
Backups	Daily	Daily backups with redundancy across locations.
Penetration testing	Periodic	Periodic penetration testing by qualified specialists.
Security updates	Prompt	Prompt application of security patches and vulnerability fixes.

Staff security & access

Access policies

Least privilege — each employee receives only the access required for their role
Regular security training for all staff
Thorough background checks before hiring
Legally binding confidentiality commitments for everyone
Periodic reviews of access rights
Immediate revocation of access when someone leaves the organisation

Training & awareness

Security awareness programme

All staff receive regular training on security best practices so they understand common threats and how to prevent incidents.

Incident response

We maintain a documented plan for responding quickly to security incidents:

Phase 1: Detection

Fast detection through monitoring and alerting systems.

Phase 2: Alert

Immediate escalation to the security response team.

Phase 3: Containment

Swift steps to limit impact and isolate affected systems.

Phase 4: Recovery

Restore services and verify integrity before returning to normal.

Reporting incidents

If you notice suspicious activity or believe you have faced a security incident, contact us immediately by email: support.itqantools@gmail.com

Compliance & certifications

ISO/IEC 27001

International standard for information security management

GDPR

Full alignment with the General Data Protection Regulation

Local privacy laws

Compliance with Jordanian and applicable international privacy laws

SOC 2 Type II

Broad assessment of security and operational controls

Questions about security?

We are happy to answer questions about security and privacy. Contact us with any concern.

Email

support.itqantools@gmail.com

Technical support

Contact us

Security & protection