Security & Trust

Incident Response Policy

Version: IR-2026-07-08
Last updated: July 8, 2026.

1. Overview

TSP Scale's Incident Response Policy defines the procedures our team follows when a potential security incident or data breach is detected. Our primary goals are to contain the incident, minimize impact, protect customer data, and restore normal operations as quickly as possible.

2. Detection and Identification

Incidents are detected through continuous infrastructure monitoring, automated security alerts, internal audits, and responsible disclosure reports from security researchers. Upon detection, a dedicated Incident Response Team (IRT) is assembled to investigate the scope and severity of the event.

3. Containment and Mitigation

The IRT's immediate priority is containment. Depending on the nature of the incident, containment steps may include isolating affected systems, rotating compromised credentials, deploying emergency patches, or temporarily suspending specific services to prevent further unauthorized access or data loss.

4. Customer Notification

If we determine that an incident has resulted in the unauthorized access, disclosure, or alteration of your personal data or service data, TSP Scale will notify affected customers without undue delay, and in accordance with applicable legal obligations (such as the DPDP Act 2023). Notifications will include the nature of the breach, the data affected, and the mitigation steps taken.

5. Recovery and Review

Following containment, systems are restored to full operation securely. A post-incident review is conducted for all significant security events to identify root causes, improve our security posture, and prevent similar incidents from occurring in the future.

© 2026 TSP Scale. All rights reserved.