Security

Policy of Security


Whereas in consideration of security, you the User voluntarily consents to this Policy of Security (herein “Security Policy”). Under this policy, you as the “User” acknowledge to Colletti Tech LLC (herein “Colletti Tech”) of your agreement to the binding terms and conditions of this policy as follows:

Section 1: Guarantee of Use
Whereas strictly conditioned on your acceptance and without modification, you the User issues to Colletti Tech your guarantee of use (herein “guarantee”). Your guarantee shall be binding for your use that is lawful and as intended of any service or product offered by Colletti Tech and it’s affiliates.

Section 2: Prohibited Usage
You as the user, hereby warrant to Colletti Tech against the engaging of activities, usage of services, and usage of products which is abusive, deceptive, fraudulent, inconsistent, unlawful, or such that is suspected to be questionable. Set forth, the following engaging of activities, use of services, and use of products is prohibited:

(a) Credit, currency, transmitter, money, and investment services;
(b) Crypto, digital, virtual, or any currency that is not legal tender;
(c) Copyright, intellectual property, trademark, and service mark infringement;
(d) Confidential, personal, protected, proprietary, or reserved rights infringement;
(e) Counterfeit or fraudulent items, goods, products, sales, and services;
(f) Gambling, betting, or bribing;
(g) Regulated items, goods, practices, and services by exporting laws;
(h) Indecent, pornography, nudity, and obscene user submissions;
(i) Schemes to defraud, deceive, scam, “Get-Rich Quick“, or no value added services;
(j) Alcohol, drug, narcotic, pseudo, pharmaceutical, and paraphernalia goods or items;
(k) Discriminatory, harassing, vulgar, or sexual;
(l) Export, import, sale, trade, or transportation of animals, alcohol, currency and, drugs;
(m) Unless in writing from the Duly Authorized, use by an unaffiliated Information Technology company;
(n) Use of authorized, distributed and sold third-party services or products from affiliates, distributors, manufacturers, vendors and suppliers approved by Colletti Tech, in such manner inconsistent with its intended usage, expressed purpose, terms, conditions, unlawful in any jurisdiction or prohibited from said third-party; and
(o) Use of services or products from Colletti Tech, in such manner inconsistent with its intended usage, expressed purpose or that is unlawful in any jurisdiction shall be prohibited.

Upon breach of this provision (“Section 2 of the Security Policy”), Colletti Tech shall within its right suspend any end user suspected and the termination of account for engaging in such prohibited activities.

Section 3: Monitoring of Activities
All activities conducted shall be subject to monitoring for any Electronic Access Device (collectively “computer, device, network, system, server, or such similar”) within interest of Colletti Tech. Furthermore, as permitted by law, such activities shall be subject to be recording, auditing, transmitted, and replicated offsite.

Section 4: Transmission of Data
Whereof sending and receiving data (“communications”), the necessary encryption protocol and security standard shall be implemented upon transmission of the said communication. Therefore, the following protocols and standards shall hereby be authorized for communications:

(a) X.509 certificates;
(b) Symmetric 256-bit encryption;
(c) RSA public to private token authentication;
(d) SHA-2 algorithm using 256, 384, or 512 bits;
(e) ECC cryptography using 256, or 384 bits;
(f) TLS 4096-bit public key encryption;
(g) SSL 2048-bit public key encryption; and
(h) SHSH 4096-bit algorithm-blob encryption.

All rights to amend protocols and standards for the transmission of data, shall hereby be reserved by Colletti Tech, and such applicable affiliates or vendors.

Section 5: Security of Accounts
Any authorized end user to access the systems of Colletti Tech, shall conform without modification to the security protocols as they may exist from time-to-time. Furthermore, Multi-Factor Authentication (“MFA”) shall be enforced on user accounts with privileges of “Root”, “Administrator”, or such similar. Set forth, to protect all established accounts and identify users, the following protocol shall be mandatory:

(a) Retain-on-file valid photo identification for a user, and secondary form of identification;
(b) Email address shall be required in place of display name for login;
(c) Display name may not be identical to email address;
(d) Password may not be identical nor similar to display name or email address;
(e) Passwords shall require a minimum of eight or more alphanumeric characters with one capital-letter, lowercase-letter, number and special character;
(f) Identifiable personal information on record, such that is legitimate as provided by the user:

(i) Date of Birth;
(ii) Tax Identification Number;
(iii) Physical Address; and
(iv) Phone Number;

(g) Multi-Factor Authentication shall require a generated token, supporting SHA-256 with a six-digit numerical sequence timed at thirty seconds as hereinafter defined:

(i) Hard-Token via USB key or SMART key;
(ii) Soft-Token via Authentication application by an approved vendor; or
(iii) Generated-Token via SMS by an approved cellular carrier.

(h) Soft, hard or static token(s) for backup, emergency, offline and recovery; and
(i) Disclosure of end user credentials, and sharing of user accounts shall be prohibited.

Upon breach of this provision (“Section 5 of the Security Policy“), Colletti Tech shall within its right suspend any end user suspected and the termination of account for failure to secure said account.

Scroll to top