Lapidus Security

---

Lapidus, Inc. approaches security as a foundational design principle across its corporate systems, intellectual property, and subsidiary oversight responsibilities. Security considerations are integrated into governance, architecture, and operational decision-making to support long-term resilience and risk management.

This page provides a high-level overview of Lapidus’s security posture. It is not a certification, warranty, or guarantee of any specific security outcome.

Lapidus security practices are guided by the following principles:

• Defense-in-Depth
  Security controls are layered to reduce single points of failure across systems and operations.
• Least-Privilege Access
  Access to systems and information is restricted based on role, responsibility, and operational need.
• Segregation of Duties
  Administrative, operational, and oversight functions are separated where appropriate to reduce risk.
• Security by Design
  Security considerations are incorporated during system planning and architectural decisions, not added retroactively.
   

Lapidus maintains internal systems using secure, cloud-based infrastructure designed to support availability, access control, and operational continuity. Measures may include:

• Controlled access to administrative systems
• Encrypted communications using industry-standard practices
• Backup and recovery processes to support business continuity
• Monitoring intended to detect anomalous activity
   

Specific technical implementations may vary by system and evolve over time.

Lapidus provides security oversight at a governance level for its subsidiaries and operating platforms. Subsidiaries are responsible for implementing security controls appropriate to their services, users, and regulatory obligations.

Security practices for individual platforms are governed by their respective security pages, terms, and privacy policies.

Nothing on this page supersedes platform-specific security disclosures.

Lapidus does not routinely access end-user data belonging to subsidiary platforms. Access, when required, is limited to lawful, operational, or contractual purposes and is subject to internal controls.

Lapidus does not sell or rent user data as part of its business model.

Lapidus periodically reviews security risks as part of broader operational and governance processes. Reviews may consider:

• Changes in technology or threat landscape
• Third-party dependencies
• Regulatory and contractual requirements
• Incident history and response readiness
   

Security practices are adjusted as appropriate to reflect evolving risks.

Lapidus maintains internal processes intended to support timely assessment and response to security-related events affecting corporate systems or subsidiaries. Response actions are prioritized based on severity, scope, and potential impact.

Public disclosures, where required, are handled in accordance with applicable law and contractual obligations.

Security-related inquiries or concerns regarding Lapidus corporate systems may be directed to:

Email: security@lapidus.io

Reports are reviewed internally and handled in accordance with established procedures.

For platform-specific security issues, please refer to the applicable platform’s security or support channels.

This Security page may be updated periodically to reflect changes in operations, risk posture, or legal requirements. Continued use of Lapidus websites constitutes acceptance of any updates.

Lapidus, Inc.
Austin, Texas, United States

© 2020–2025 Lapidus Inc. All rights reserved.