TARGPatrol

TARGPatrol Security and Data Protection Overview

Document Version: 1.2 Last Updated: October 2025

Document Owner: TARGPatrol

1. Purpose

This document provides a high-level overview of the security measures, operational controls, and

technical safeguards implemented by TARGPatrol to protect customer data and support the secure

operation of the platform.

It is intended for customers, prospective customers, partners, and security reviewers who require

general information about TARGPatrol’s approach to application security, data protection,

authentication, authorization, infrastructure security, backup and recovery, audit logging,

vulnerability management, security assessments, penetration testing, incident response, and secure

software development.

This document is provided for informational purposes and does not replace any contractual, legal, or

compliance documentation agreed separately with a customer or partner.

2. Platform Overview

TARGPatrol is a cloud-based field operations platform used to manage tasks, patrols, check-ins,

issues, users, locations, points, media, and operational reports.

The platform is designed for organizations managing distributed teams, field workers, security

personnel, cleaning teams, facility operations, and other mobile workforce activities.

TARGPatrol is hosted on Amazon Web Services (AWS) and uses cloud-based infrastructure to support

scalability, availability, security, and reliability.

3. Cloud Infrastructure

TARGPatrol uses Amazon Web Services as its primary cloud infrastructure provider.

AWS provides the underlying infrastructure for hosting application services, databases, file

storage, networking, monitoring, and related platform components. TARGPatrol benefits from AWS

infrastructure security controls, including physical data center security, network protection,

service availability features, and operational monitoring capabilities.

TARGPatrol applies internal access restrictions and operational controls to protect production

environments. Access to production infrastructure is limited to authorized personnel with a

legitimate business, operational, maintenance, or security-related need.

4. Data Storage and Protection

TARGPatrol stores customer data required for the operation of the platform. This may include

organization information, user accounts, tasks, check-ins, points, locations, issues, uploaded

media, comments, and reporting data.

Customer data is protected through a combination of application-level controls, infrastructure

security, encrypted communication, access restrictions, and role-based permissions.

Access to customer data is limited according to organization membership and assigned user

permissions. Users may only access data belonging to organizations to which they have been granted

access.

5. Authentication

TARGPatrol uses secure authentication mechanisms to control access to the platform.

Users access the platform through individual user accounts. Organization access is granted through

an invitation or membership process. A user must be associated with an organization before they can

access that organization’s data, tasks, reports, locations, issues, and other operational resources.

Authentication controls are designed to help prevent unauthorized access and ensure that only

approved users can access the relevant organization environment.

6. Authorization and Role-Based Access Control

TARGPatrol uses role-based access control to manage permissions within each organization.

Different roles are assigned different access rights depending on the responsibilities of the user.

Administrative users may have access to configuration, user management, reporting, and operational

oversight functionality. Standard users may have access only to the features required to perform

their assigned work, such as completing tasks, performing check-ins, and reporting issues.

This role-based model supports the principle of least privilege by limiting access to the data and

functionality required for each user’s role.

7. Data Encryption

TARGPatrol protects data in transit using encrypted communication over HTTPS/TLS.

This helps protect data exchanged between the web application, mobile applications, backend

services, and users from interception or unauthorized modification during transmission.

Where supported by the underlying AWS services and platform configuration, TARGPatrol also uses

encryption at rest for stored data, files, and backups.

8. Access Control

Access to TARGPatrol systems and production infrastructure is restricted to authorized personnel

only.

Access is granted based on business need and is intended to follow the principle of least privilege.

Administrative and infrastructure access is limited to team members who require it for operational,

maintenance, support, or security-related purposes.

Customer access is managed through application-level controls, including authentication,

organization membership, and role-based permissions.

9. Organization Data Separation

TARGPatrol is a multi-organization platform. Customer data is logically separated by organization.

Users from one organization cannot access data belonging to another organization unless they have

been explicitly invited to and authorized within that organization.

This separation applies to operational data, including tasks, check-ins, points, locations, reports,

issues, media, users, and related records.

10. GDPR and Data Deletion

TARGPatrol follows the principles of the General Data Protection Regulation (GDPR) and provides

users and organization owners with tools to manage and delete their data where applicable.

Each user has the ability to delete their own user account. Organization owners also have the

ability to delete their organization, including organization-related data, subject to applicable

legal, contractual, operational, or retention requirements.

Account deletion and organization deletion can be initiated through the TARGPatrol web application

or mobile application.

If a user or organization owner no longer has access to their account, they may submit a deletion

request through the appropriate request form. TARGPatrol will review and process such requests in

accordance with applicable data protection requirements and internal verification procedures.

These controls are intended to support user rights under GDPR, including the right to request

deletion of personal data, while maintaining appropriate safeguards to prevent unauthorized,

fraudulent, or accidental deletion of customer data.

11. Mobile Application Security

TARGPatrol mobile applications communicate with backend services through secure API connections.

The mobile application supports field workflows such as task execution, check-ins, issue reporting,

media uploads, comments, GPS-based activity, and offline operation. When offline functionality is

used, supported data may be stored locally on the device and synchronized with the server when

network connectivity is restored.

Access to organization data through the mobile application is controlled by authenticated user

accounts, organization membership, and assigned permissions.

Customers are responsible for ensuring that mobile devices used by their employees are appropriately

protected, including the use of device-level security controls where applicable.

12. File and Media Handling

TARGPatrol allows users to upload files and media as part of operational workflows, including task

evidence, issue reports, comments, and check-ins.

Uploaded files are stored in cloud infrastructure and are accessible only to authorized users within

the relevant organization, subject to their assigned role and permissions.

Access to files and media is controlled through the platform’s authentication and authorization

mechanisms.

13. Backup and Disaster Recovery

TARGPatrol maintains backup and recovery practices designed to help protect against data loss and

support service continuity.

Backups are maintained for key system components and data stores. In the event of an incident,

backups may be used to support service restoration and recovery of customer data.

As the platform is hosted on AWS, TARGPatrol also benefits from AWS infrastructure reliability and

recovery capabilities as part of its overall disaster recovery approach.

14. Monitoring and Logging

TARGPatrol uses logging and monitoring to support system reliability, operational troubleshooting,

security review, and incident investigation.

Application and infrastructure logs may be used to identify errors, investigate abnormal behavior,

support maintenance activities, and review security-relevant events.

Access to logs is restricted to authorized personnel.

15. Audit Logs and Change History

TARGPatrol supports audit logging and change history capabilities to provide visibility into

important actions performed within the platform.

Audit logs and history records may include information about user actions, configuration changes,

operational updates, and changes made to key entities within the application, such as users, tasks,

check-ins, issues, locations, points, reports, and related records.

These logs are intended to support accountability, operational transparency, troubleshooting,

compliance review, and investigation of security-relevant or business-critical events.

Where applicable, audit and history records may include details such as:

  • the user who performed the action;
  • the affected entity or resource;
  • the type of action performed;
  • the date and time of the action;
  • relevant before-and-after change information;
  • related organization or location context.

Access to audit logs and change history is controlled through application-level permissions and is

available only to authorized users.

TARGPatrol uses audit logs and history records to help organizations review platform activity,

investigate changes, and maintain traceability of important actions performed within the system.

16. Vulnerability Management

TARGPatrol follows vulnerability management practices intended to identify, assess, and remediate

security risks within the application and supporting infrastructure.

These practices may include dependency review, security updates, patch management, investigation of

reported issues, and remediation of identified vulnerabilities.

Security-related issues are prioritized based on severity, likelihood, potential impact, and

exploitability.

17. Security Assessments and Penetration Testing

TARGPatrol is committed to continuously improving the security, reliability, and quality of its

platform.

As part of this commitment, TARGPatrol performs internal security reviews and commits to engaging

independent external security companies to conduct security assessments and penetration testing of

the platform, infrastructure, and application components.

These independent audits and penetration tests are intended to help identify potential

vulnerabilities, validate existing security controls, improve secure development practices, and

reduce the likelihood of security issues affecting customers.

Security assessment activities may include:

  • internal application and infrastructure security reviews;
  • independent security audits performed by external security companies;
  • independent penetration testing performed by qualified third-party security specialists;
  • review of authentication, authorization, and access control mechanisms;
  • assessment of data protection and organization-level data separation controls;
  • review of API security and permission models;
  • vulnerability scanning and dependency review;
  • remediation planning and follow-up validation.

Findings from security reviews, independent audits, and penetration tests are assessed based on

severity, likelihood, and potential impact. Identified issues are prioritized and remediated

according to TARGPatrol’s vulnerability management and secure development practices.

TARGPatrol treats security assessment results as confidential and uses them to strengthen the

platform, improve operational controls, and enhance the overall quality and security of the product.

18. Secure Software Development

TARGPatrol applies secure development practices throughout the software development lifecycle.

These practices include:

  • review of code changes before release;
  • controlled deployment processes;
  • testing of new features and bug fixes;
  • dependency updates and security patching;
  • separation of development and production environments;
  • review of security-sensitive functionality, including authentication, authorization, data access,

file handling, and permissions;

  • ongoing improvement of platform security based on product development, operational experience, and

identified risks.

The objective of these practices is to reduce the risk of introducing security weaknesses during

development and to maintain a secure and reliable platform.

19. Incident Response

In the event of a suspected security incident, TARGPatrol follows an internal incident response

process to investigate, assess, contain, and remediate the issue.

Depending on the nature and severity of the incident, response actions may include access

restriction, log review, technical remediation, restoration from backups, infrastructure or

application changes, and customer notification where appropriate.

TARGPatrol aims to respond to security incidents in a timely and responsible manner and to apply

corrective measures to reduce the likelihood of recurrence.

20. Customer Responsibilities

Customers are responsible for managing their own users, roles, permissions, and internal security

practices within the TARGPatrol platform.

Customer responsibilities include:

  • assigning appropriate user roles;
  • removing users who no longer require access;
  • protecting user credentials;
  • using strong passwords;
  • reviewing organization membership periodically;
  • ensuring that mobile devices used for field operations are appropriately protected;
  • training employees to use the platform responsibly;
  • notifying TARGPatrol of suspected unauthorized access or suspicious activity.

Security is a shared responsibility between TARGPatrol and its customers.