🇦🇪 UAE · GCC
Security at Infytrix

Security built on
responsible access

We connect to marketplace platforms through official, authorised API programmes. Your data, your control — always. Here's exactly how we protect it.

Security Architecture
How we protect
your data
🔒
Encryption in Transit
All data transmitted between your systems, marketplace APIs, and Infytrix servers is encrypted using industry-standard protocols. No data travels over unencrypted connections.
TLS 1.2+
🛡️
Encryption at Rest
All data stored on Infytrix infrastructure — including marketplace data, account information, and analytics — is encrypted at rest using AES-256 encryption.
AES-256
👤
Access Controls
Data access within Infytrix is strictly role-based. Only authorised personnel with a legitimate business need can access client data, and all access is logged and audited.
Role-Based Access
🔑
OAuth 2.0 Authorisation
All marketplace connections require explicit OAuth 2.0 consent. You approve exactly which data scopes we can access — and you can revoke that consent at any time through your marketplace account settings.
OAuth 2.0
🔍
Regular Security Reviews
We conduct regular internal security reviews and vulnerability assessments to identify and address potential risks before they become issues. Our infrastructure is continuously monitored.
Continuous Monitoring
📋
Audit Transparency
Every autonomous decision made by Mark8IQ AI Agents is logged with full transparency — including rationale, data sources used, and actions taken. Full auditability for UAE enterprise clients.
100% Audit Trail
Marketplace API Access
Authorised access.
Nothing more.

Infytrix connects to Amazon.ae, Noon, and other GCC marketplace platforms through their official, authorised API programmes. Every integration follows a seller-initiated consent process — we never access your account without your explicit approval.

We access only the specific data scopes required to deliver your subscribed Mark8IQ services. We use that data for no other purpose, and we never share it with third parties.

1
You initiate the connection
From within your Mark8IQ account, you choose which marketplace to connect. We generate an OAuth 2.0 authorisation request.
2
You approve specific scopes
Your marketplace (Amazon.ae or Noon) shows you exactly which data we're requesting access to. You approve or decline each scope individually.
3
We access only what you approved
We retrieve only the data scopes you authorised, solely to power your Mark8IQ features. No additional data is ever accessed.
4
You stay in control
Revoke our access at any time through your marketplace Seller Central or partner portal settings. Your access, your rules.
Incident Response
When things go wrong,
we act fast
24h
Breach Notification
Confirmed breaches reported to affected clients and UAE Data Office within 24 hours of confirmation
1h
Initial Response
Our security team initiates incident assessment within 1 hour of a confirmed security event
100%
Transparency
Full disclosure of incident scope, affected data, and remediation steps to all affected parties
UAE
Compliance
All incident response procedures aligned with UAE Federal Decree-Law No. 45 of 2021 (PDPL)
Responsible Disclosure
Found a vulnerability?
Tell us.

We take security seriously and appreciate the work of security researchers. If you discover a potential security vulnerability in our platform or infrastructure, please contact us responsibly.

We commit to investigating all reports promptly and keeping you informed of our progress. We will not take legal action against researchers who act in good faith and follow responsible disclosure principles.

Security contact:

Email: info@infytrix.ae

Subject line: Security Disclosure

We aim to acknowledge all reports within 2 working days.

What to include in your report
  • Description of the vulnerability and its potential impact
  • Steps to reproduce the issue clearly and concisely
  • Any proof-of-concept code or screenshots (if applicable)
  • Your contact details for follow-up
  • Whether you have disclosed this to any third parties
Our commitment to you
  • Acknowledge your report within 2 working days
  • Provide regular updates on our investigation progress
  • Notify you when the vulnerability is resolved
  • Credit you in our disclosure notes if you wish
  • Not pursue legal action for good-faith disclosures