XVIII. VAMBLE SECURITY POLICY SUMMARY

Vamble, Inc. (“Vamble”, “we”, “us”, or “our”) is committed to protecting the security and integrity of User data, funds, and our Platform. We implement the following technical and organizational measures:

1. DATA PROTECTION

All sensitive data is encrypted in transit (SSL/TLS) and at rest. Access to personal and financial data is strictly limited to authorized personnel.

2. PLATFORM & APPLICATION SECURITY

1. Regular vulnerability scans and penetration testing.
2. Multi-factor authentication (MFA) for staff and admin accounts.
3. Continuous monitoring and logging of system activity.
4. Strict code review and change management processes.

3. INFRASTRUCTURE SECURITY

1. Use of secure, industry-leading cloud providers with recognized security certifications.
2. Separation of production and development environments.

4. INCIDENT RESPONSE

1. Incident response plan to detect, contain, and remediate threats or breaches.
2. Users and authorities are notified of breaches per applicable law.

5. USER GUIDANCE

Users should protect login credentials and promptly report any suspicious activity.

6. UPDATES

This summary may be updated. Full policy is available to partners/regulators upon request by contacting the Security Team at security@vamble.com.

7. CONTACT

Security Team

Vamble, Inc.

security@vamble.com

Mailing Address provided in Section XX. 1.6 (Mail)