img

Security Policy

Security Policy

Last Updated: February 14, 2026

At Zublana, we take the integrity of our assessments and the security of user data seriously. This policy outlines the technical and organizational measures we use to ensure a safe environment for IQ and personality testing.

Data Encryption

We protect data both when it is moving and when it is stored:

  • In-Transit: All data transmitted between your browser and our servers is encrypted using SSL/TLS (HTTPS). This prevents "man-in-the-middle" attacks where hackers try to intercept your test answers.

  • At-Rest: Sensitive data, including raw test scores and personal identifiers, are encrypted in our databases using industry-standard AES-256 encryption.

Assessment Integrity & Anti-Cheating

To ensure that IQ and Career Potential scores remain reliable, we implement several security layers:

  • Browser Monitoring: Our system detects if a user switches tabs or opens new windows during a timed assessment. Multiple "out-of-tab" events may invalidate the test result.

  • Randomization: Question sets are randomized from a larger pool to prevent users from sharing "answer keys" or memorizing patterns.

  • Copy-Paste Restriction: We disable the ability to copy or right-click on test questions to prevent our proprietary psychometric content from being leaked or fed into AI tools.

Access Control

  • Internal Access: Only authorized Zublana administrators have access to the backend database. Access is granted on a "need-to-know" basis and is protected by Two-Factor Authentication (2FA).

  • User Authentication: Users are encouraged to use strong, unique passwords. We use secure hashing (Bcrypt/Argon2) to store passwords; even we cannot see your actual password.

Payment Security

Zublana does not process or store credit card information on its own servers.

  • All transactions are handled by PCI-DSS compliant providers by Paypal

  • The provider use secure tokens to process your payment, ensuring your financial details never touch our local system.

Incident Response (UU PDP Compliance)

In compliance with Indonesia's Personal Data Protection Law (UU PDP):

  • Breach Notification: In the event of a suspected data breach, Zublana will notify the relevant authorities and affected users within 72 hours of discovery.

  • System Audits: We perform regular vulnerability scans and updates to our web framework to patch security holes.

Vulnerability Disclosure

We welcome reports from ethical hackers and security researchers. If you find a security flaw on zublana.com, please contact us at support@zublana.com rather than exploiting it.

We may use cookies or any other tracking technologies when you visit our website, including any other media form, mobile website, or mobile application related or connected to help customize the Site and improve your experience. learn more

Allow