# security.txt - Políticas de seguridad de Fardo
# Mejora señales de confianza para AEO/GEO/LLMO

Contact: security@heyfardo.com
Contact: hola@heyfardo.com
Expires: 2025-12-15T23:59:59.000Z
Encryption: https://heyfardo.com/pgp-key.txt
Preferred-Languages: es, en
Canonical: https://heyfardo.com/.well-known/security.txt
Policy: https://heyfardo.com/tyc.html

# INFORMACIÓN DE SEGURIDAD
Organization: Fardo (Hey Fardo)
Website: https://heyfardo.com
Industry: AI Brand Optimization
Data_Classification: Business Intelligence
Compliance: GDPR, CCPA

# REPORTE DE VULNERABILIDADES
Vulnerability_Disclosure: coordinated
Vulnerability_Response: 72 hours
Bounty_Program: no
Scope: heyfardo.com and subdomains

# CONTACTOS DE SEGURIDAD
Security_Team: security@heyfardo.com
Technical_Lead: ai@heyfardo.com
General_Contact: hola@heyfardo.com
Emergency: +54 9 11 1234-5678

# POLÍTICAS DE DATOS
Data_Retention: 2 years
Data_Location: Argentina (primary), AWS (backup)
Data_Encryption: AES-256
Backup_Frequency: Daily
Recovery_Time: 4 hours

# CERTIFICACIONES Y ESTÁNDARES
Security_Standards: OWASP Top 10
SSL_Certificate: Let's Encrypt
HSTS: Enabled
CSP: Implemented
XSS_Protection: Enabled

# MONITOREO Y DETECCIÓN
Security_Monitoring: 24/7
Threat_Detection: Automated
Incident_Response: 1 hour
Log_Retention: 90 days

# PRIVACIDAD
Privacy_Policy: https://heyfardo.com/tyc.html
Data_Processing: Lawful basis
User_Rights: Full GDPR compliance
Data_Portability: Available
Right_to_Deletion: Available

# TRANSPARENCIA
Security_Updates: Monthly
Vulnerability_Disclosure: Public
Security_Audits: Annual
Penetration_Testing: Quarterly

# ÚLTIMA ACTUALIZACIÓN
Last_Updated: 2024-12-15T12:00:00Z
Next_Review: 2025-03-15T12:00:00Z
Version: 1.0