Payment & Data Security

Card Payments

All card payments are processed on the PCI-DSS compliant infrastructure of our payment partners (Bank of Maldives Payment Gateway, Stripe). Your card details are entered on the payment provider's secure hosted page and are transmitted directly between you and the provider; they are not seen or stored by Incendia.

Encryption in Transit

All data exchanged with our website is protected by TLS 1.2 or higher. URLs marked with https:// in your browser indicate that the connection is encrypted.

Data at Rest

Account passwords are stored using industry-standard one-way hashing. Sensitive integration credentials (API keys, webhook secrets) are encrypted at rest using application-level encryption.

Recommendation

For your records, we recommend that you retain a copy of your transaction confirmation, invoice and our policies after each purchase.

Reporting Security Issues

If you believe you have found a security issue, please contact hello@incendia.mv so we can investigate.