Compliance & Security Policy
1. Introduction
At 11Exch, compliance and security are at the core of our operations.
We are committed to protecting users, affiliates, and partners by following international data privacy, anti-fraud, and responsible gaming standards.
This Compliance & Security Policy defines how we:
Protect user data under the Data Protection Policy
Enforce anti-money laundering (AML) and KYC procedures
Safeguard platform integrity
Uphold transparency under the Transparency Report
Our compliance structure ensures that 11Exch operates lawfully, ethically, and securely as an independent affiliate and ID facilitation platform.
2. Legal Compliance Overview
11Exch complies with:
The Information Technology Act, 2000 (India)
The Digital Personal Data Protection Act, 2023 (DPDP)
The Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021
GDPR (General Data Protection Regulation) for EU users
AML/KYC norms for financial transparency
These laws guide how we collect, store, and use user data, as explained in our Privacy Policy and Legal Policy.
3. Anti-Money Laundering (AML) & KYC Compliance
To maintain the integrity of our affiliate and ID network, 11Exch follows strict AML & KYC protocols, detailed in the AML & KYC Policy.
Our AML framework includes:
User identity verification before ID activation
Monitoring for suspicious or large transactions
Record-keeping of verification documents for legal audits
Cooperation with regulators during compliance inquiries
All personal and financial data are encrypted and securely stored per the Data Protection Policy.
4. Security Infrastructure
We employ multi-layered cybersecurity systems to protect data, prevent breaches, and ensure the continuity of service.
Our security measures include:
๐ 256-bit SSL Encryption for all data transmissions
๐งฑ Firewall and DDOS Protection for network stability
๐งฌ Multi-Factor Authentication (MFA) for admin and staff accounts
๐งโ๐ป Secure Server Environment (ISO 27001 compliant)
๐งพ Routine Security Audits performed quarterly
๐งฉ Access Controls to restrict data visibility to authorized personnel only
Learn more about infrastructure and encryption details in our Security Policy.
5. Responsible Data Governance
Our data protection and compliance systems are structured around five key principles:
| Principle | Description | Linked Policy |
|---|---|---|
| Transparency | Users know how and why their data is used. | Transparency Report |
| Consent-Based Processing | Data is collected only with user permission. | Privacy Policy |
| Retention Control | Data is stored only as long as legally necessary. | Data Protection Policy |
| User Rights | Users can access, correct, or delete data anytime. | Grievance Redressal |
| Security First | Encrypted storage and end-to-end protection. | Security Policy |
6. Regulatory Cooperation
We actively cooperate with regulatory bodies and law enforcement agencies when required.
Our compliance team ensures full cooperation under:
Government audit or inquiry
Court order or subpoena
Regulated reporting of suspicious activities
All disclosures are done responsibly, in accordance with the Legal Policy and User Trust & Conduct.
7. Partner & Affiliate Compliance
Every affiliate, advertiser, or brand partner working with 11Exch must:
Complete KYC verification before collaboration.
Comply with Advertising & Sponsorship ethics and transparency guidelines.
Agree to terms in our Affiliate Disclosure.
Abide by the User Trust & Conduct and Responsible Gaming (18+) frameworks.
We terminate partnerships immediately upon detecting non-compliance, unethical behavior, or violation of law.
8. Fraud Detection & Risk Monitoring
To protect users and partners, we utilize a real-time fraud detection system that monitors all affiliate transactions, sign-ups, and login activities for irregularities.
Our system flags:
Duplicate accounts or false identities
Unusual transaction volumes
Repeated failed logins or suspicious IP addresses
Violations of gaming restrictions
When triggered, these events are escalated to the Compliance Department for investigation.
Violations may lead to permanent account suspension or legal action.
9. Periodic Security Audits
11Exch conducts quarterly security audits through independent IT and compliance professionals.
Audits include:
Penetration testing and vulnerability scans
Server performance review
Policy adherence checks
Data-handling protocol validation
Summary results are published in the annual Transparency Report.
10. Incident Response Protocol
In the rare event of a security breach or data leak, 11Exch follows a structured Incident Response Plan (IRP):
Immediate Containment โ Isolating affected systems.
Root-Cause Analysis โ Identifying the cause of breach.
User Notification โ Informing affected users within 72 hours (as per GDPR).
Remediation โ Applying patches and preventive measures.
Regulatory Reporting โ Submitting a compliance report to relevant authorities.
All incident records are maintained under the Compliance & Licensing policy.
11. Responsible Gaming Compliance
11Exch enforces Responsible Gaming practices in line with international standards.
We do not promote or encourage excessive or underage gaming.
Our platform incorporates:
18+ verification under the Age Restriction Policy
Responsible play limits and awareness content
Voluntary self-exclusion support
Direct access to the Responsible Gaming (18+) policy
This ensures entertainment remains ethical, balanced, and legally compliant.
12. Internal Training & Compliance Awareness
All employees, contractors, and partners undergo mandatory compliance training that covers:
Data protection & GDPR practices
Cybersecurity hygiene
AML & fraud awareness
Reporting obligations under the Grievance Redressal framework
Refresher sessions are held bi-annually to maintain updated awareness.
13. Third-Party Vendor Security
Vendors and service providers (such as hosting, analytics, and ad tracking tools) are assessed before onboarding.
Each vendor must:
Meet ISO 27001 or equivalent data security standards.
Sign a Non-Disclosure Agreement (NDA).
Follow our Data Protection Policy and Privacy Policy.
Non-compliant vendors are promptly delisted from our network.
14. Continuous Improvement
We continuously enhance our compliance framework through:
Real-time monitoring dashboards
Automated threat alerts
Regular audits and feedback loops
Public accountability via the Transparency Report
This helps ensure that 11Exch remains among the most secure affiliate and ID provider platforms in India.
15. Reporting Compliance Concerns
If you suspect any non-compliance, fraud, or misuse, report it directly to:
๐ง compliance@11exch.com
๐ฉ grievance@11exch.com
๐ or via the Contact Us page.
Reports are reviewed confidentially within 48 hours under the Grievance Redressal policy.
16. Disclaimer
While we maintain robust compliance systems, no digital infrastructure is 100% immune to threats.
By using 11Exch, you acknowledge our security commitment and agree to the limitations stated in the Disclaimer and Terms & Conditions.
๐ Last Updated: October 15, 2025
ยฉ 2025 11Exch. All Rights Reserved.
Read our Transparency Report for annual audit outcomes and compliance metrics.
