Security Procedures

Last updated: February 22, 2026

These Security Procedures describe how Break Space Inc. dba Pyract (“Pyract”) operationalizes the controls in the Information Security Policy.

1. Access

Production access is restricted and reviewed. Access is secured with strong authentication. Access is revoked promptly when no longer required.

Sensitive data and tokens are stored securely. Client-side exposure is prevented. Demo and production environments are separated.

Security events and access are logged and reviewed.

Backups are maintained and periodically tested for recovery. Access to backups is restricted.

Incidents are investigated, contained, and remediated.

Third-party services are used only as needed and expected to maintain security standards.