Security and Data Handling Statement

At Abilr, protecting user information is a top priority. This statement outlines our practices for securing personal data, managing access, and maintaining platform integrity.

1. 🛡️ Data Security Overview

  • Abilr uses industry-standard encryption (SSL/TLS) to protect all data in transit.
  • Personal data is stored on secure, encrypted servers managed by verified third-party cloud providers.
  • Payment data is never stored directly on Abilr servers.

2. 💳 Payment Information Handling

  • All payments are processed via PCI-DSS-compliant providers:
    • Stripe for card transactions
    • STP/Conekta for SPEI bank transfers
  • Abilr does not store full credit card or bank account numbers.
  • Tokenized identifiers are used to associate users with their payment methods securely.

3. 🔐 User Account Protection

  • Passwords are stored using one-way cryptographic hashing (bcrypt).
  • Two-factor authentication (2FA) is planned for V1.
  • Suspicious login or activity triggers automatic alerts and account lockdowns.
  • Users are responsible for maintaining the confidentiality of their own login credentials.

4. 🔍 Access Control & Internal Handling

  • Only authorized staff with specific clearance can access user or transaction data.
  • Access is restricted using role-based permissions and logged for transparency.
  • Admin staff are trained in data privacy compliance and safe handling procedures.

5. 🧑‍💻 Third-Party Integrations

Abilr integrates with the following providers:

| Provider | Purpose | Security Certification |
|---|---|---|
| Stripe | Payment processing | PCI-DSS Level 1 |
| STP/Conekta | Bank transfers (SPEI) | CNBV-regulated, encrypted |
| Google Cloud | Data hosting & storage | ISO 27001, SOC 2, GDPR |
| Email APIs | Communication and alerts | TLS/SSL + OAuth2 access |

6. ⏳ Data Retention

  • User data is retained only as long as necessary to deliver services and comply with legal obligations.
  • Inactive accounts are deleted or anonymized after 24 months of inactivity (with prior notice).

7. 🧾 Legal Compliance

  • Abilr complies with applicable data protection laws, including:
    • Mexico’s Federal Law on Protection of Personal Data (LFPDPPP)
    • General Data Protection Regulation (GDPR) — applicable to EU users
  • Users may request data access, correction, export, or deletion at any time.

8. 📢 Security Breach Protocol

In the event of a security breach:

  • Affected users will be notified within 72 hours of detection.
  • Abilr will promptly initiate a full internal review, disable compromised systems, and reset user credentials if necessary.
  • Public updates will be issued via official support channels.

✅ User Responsibility

  • Keep your login credentials confidential.
  • Avoid sharing sensitive info (bank details, personal IDs) via chat.
  • Report any suspicious activity to Abilr immediately.

📌 Acceptance

By using Abilr, you acknowledge and accept this Security and Data Handling Statement, in conjunction with our Privacy Policy and Terms of Service.
