Our Commitment
Pana MIA Club maintains a breach response plan and is committed to notifying affected users per Florida law (Fla. Stat. § 501.171). We will provide timely, transparent disclosure in the event of a data breach affecting personal information.
What Constitutes a Breach
Breach definition per FIPA § 501.171(1)(g) — unauthorized access of personal information, encryption safe harbor — full legal text to be drafted.
Notification Requirements
FIPA notification timeline (30 days), AG notice (500+ residents), consumer reporting agencies (1,000+), notice content requirements — full legal text to be drafted.
Incident Response Plan
Internal incident response: detection, assessment (24h), containment, legal review, notification, remediation, transparency — full legal text to be drafted.
Reasonable Security Measures
Per FIPA § 501.171(2), we maintain reasonable measures to protect personal information, including:
- Encryption at rest (Supabase/PostgreSQL) and in transit (TLS)
- Password hashing via better-auth (bcrypt/scrypt)
- OAuth tokens stored server-side, never exposed to the client
- Cloudflare WAF and DDoS protection
- Environment variable segregation (secrets never in client bundles)
- R2 bucket access controls
- Regular dependency audits (Dependabot)
Report a Suspected Breach
If you believe you have discovered a security vulnerability or data breach, please contact us immediately: