SaturnusGo is committed to regulatory and industry compliance across the regions where we operate. This page summarizes our approach to governance, risk, and compliance.
Section 1
Governance
Ownership, policies, and oversight.
- Documented policies for privacy, security, incident response, and vendor management.
- Executive oversight with periodic risk and policy reviews.
- Designated contacts for legal, security, and privacy matters.
Section 2
Security Program
Controls across people, process, and technology.
- Encryption
- In transit and at rest where applicable; key management aligned with best practices.
- Access Control
- Least privilege, MFA for sensitive operations, and periodic access reviews.
- SDLC
- Secure development lifecycle, code review, and dependency monitoring.
- Vulnerability Management
- Regular scanning, patching SLAs, and risk-based remediation.
- Logging & Monitoring
- Audit logs and alerting for critical systems, with retention policies.
- Incident Response
- Playbooks, on-call coverage, and post-incident reviews.
Section 3
Privacy & Data Protection
Minimization, purpose limitation, and user rights.
- Data mapping, retention schedules, and access governance.
- Support for data subject requests where applicable.
- Privacy by design in new features and integrations.
Section 4
Payments & Financial
Work with certified processors and follow applicable standards.
We collaborate with certified payment processors and follow applicable standards for handling payment data, including tokenization and segregation of duties where relevant.
Section 5
Regional Obligations
Local requirements by market.
We evaluate local laws (consumer protection, e-commerce, transportation, events) before launch and on an ongoing basis, updating policies, disclosures, and controls as regulations evolve.
Section 6
Contact
Compliance inquiries and notices.
Email: compliance@saturnusgo.com