Security

Data Protection Policy

How we protect your data on the JABC portal. This policy applies to all members and website visitors.

Updated

2025

JABC takes the security of member data extremely seriously. The portal hosts sensitive business information, investor data, and diplomatic contacts. This policy explains the technical and organizational measures we have in place to protect your data.

1. Portal Security Measures

Encryption

  • All data transmitted between your browser and our portal is encrypted using SSL/TLS (HTTPS)
  • All member data stored in our database is encrypted at rest
  • Payment data is processed by a PCI-compliant third-party processor — we do not store card numbers

Access Controls

  • Role-based access controls ensure staff can only access data necessary for their role
  • Two-factor authentication (2FA) is required for all admin and staff accounts
  • All admin actions involving member data are logged with timestamp and IP address
  • Suspicious activity triggers automatic account lock and admin alert

Session Security

  • Automatic session timeout after 30 minutes of inactivity
  • Single active session enforcement — new login logs out previous sessions
  • All login attempts are logged

2. Content Protection

JABC implements technical measures to prevent unauthorized extraction and distribution of portal content:

Dynamic Watermarking

Every sensitive page displays your name, Member ID, and timestamp as a low-opacity overlay. If content is captured, it is traceable back to your account.

Screen Capture Detection

The portal monitors for recording activity.

Text Selection Disabled

On member directory, deal room, and investor session pages.

Anti-Scraping

Bulk export and scraping of member directory is technically blocked.

3. Prohibited Activities

The following are strictly prohibited and will result in immediate membership termination and potential legal action:

  • Attempting to screenshot, screen record, or capture portal content for unauthorized distribution
  • Attempting to scrape, export, or bulk download the member directory
  • Sharing your login credentials with non-members
  • Using automated tools, bots, or scripts to access the portal
  • Attempting to bypass any security measure on the portal
  • Accessing member data beyond your tier permissions

4. Data Breach Response

In the event of a data breach that poses risk to members, JABC will:

Notify affected members within 72 hours of becoming aware of the breach
Describe what data was affected and what steps we are taking
Provide guidance on what members should do to protect themselves
Notify relevant regulatory authorities as required by law

5. Your Responsibilities

  • Keep your portal login credentials secure and do not share them
  • Log out of the portal when using shared or public computers
  • Report any suspicious activity or potential security breach to info@jabcouncil.org immediately
  • Do not attempt to access areas of the portal beyond your membership tier permissions