Privacy & Security

Account security

JLCMC encrypts all data in transit, all login information and credentials are always protected. JLCMC use Bcrypt password-hashing function to ensure your passwords are properly encrypted. Your account login is protected from brute force attack with rate limiting.

Strengthen your account security - Creating a strong, unique password

Use at least 8 characters, including upper and lowercase letters, numbers and symbols.
Don’t include words or dates associated with you, like your name, family names, pet names, dates of birth, or anniversaries.
Don’t use common words like “password” or “qwerty”. They’re easily guessed and not secure.

Data privacy and protection

All data is secured and encrypted both at rest and during transit, compliant with ISO/IEC 27001:2022 and ISO/IEC 27701:2019 standards. Our multi-layered protection includes secure data transfer, modern encryption protocols, and encrypted block storage - independently certified for information security and privacy management.

Strengthen your account security -Creating a strong, unique password

Leading encryption technology like HTTPS/TLS/SSL are used for securing data in transit
Web Application Firewall (WAF) secures data and prevents server malfunctions caused by malicious activities and attack
CDN enables faster content delivery and addresses data integrity and privacy concerns
Firewalls, antivirus, and antimalware are used to prevent attacks
Create comprehensive network security environment by training employees about networks security and its importance
Data is hosted in Amazon Web Services (AWS) and leverages its infrastructure and multiple security certifications
Your data and information is always protected, secure, and only used for the purposes described in our privacy policy .

Payment Security

The security of your payment information is very important to us. JLCMC ensures that your payment data is handled securely at every step.

All transactions are encrypted using Secure Sockets Layer (SSL) and so is protected from theft.
We use third-party payment processors that are fully PCI-DSS compliant , which means they meet all industry standards for cardholder security.
We never store your credit card number or your security code (CVV code).

We never sells your card information.

We offer a variety of payment methods, which may vary depending on your country or region.

Learn More >

Access Restriction and Control

In addition to keeping data private, true security requires that access to all systems is tightly controlled. The following protocols and technologies ensure that access to JLCMC systems is granted only to authorized individuals:

User- and/or role-based access management
All users access related information maintained in an encrypted database
Only authorized users can access the data
Strong password policies enforced
Access to JLCMC systems via secure (HTTPS) browser sessions
Segregation of duties in place to ensure hierarchical security paradigm
Strict identity verification for person and device to access resources on our internal network

Third-party partners Security-first

We assess third-party partners and vendors for fit and security risk based on the services they provide. We also make sure the right technical and contractual commitments are in place.

Incident Response

There’s no such thing as “too secure.” We put data protection at the front of every decision we make. When a serious security incident occur, JLCMC will:

Rapidly resolve the incident thanks to 24x7 monitoring of our systems for intrusion detection and anomalies
If the incident represents a risk to external users or customers, JLCMC is committed to communicating that risk, along with an incident summary, to all affected parties as quickly and comprehensively as possible.
GB 17859-1999 Classified criteria for security protection of computer information system Level 3

Report a security event or vulnerability to the JLCMC Team

Please notify JLCMC Support to report a security event/vulnerability, like unauthorized account usage or a suspected data breach.