Built to be trusted.

• WhatsApp OTP as primary credential. No passwords, no SMS-only flow (SIM-swap mitigation).
• Rate limiting. Code issuance, login attempts, and sensitive operations are throttled per phone and per IP.
• Short-lived sessions. Authentication tokens are rotated on every sign-in.
• Device verification on sensitive actions. High-value voucher redemptions require the same device plus a PIN.

• Closed-loop voucher. Sold by licensed resellers, redeemed by users into a wallet that can only be spent on the platform. Legally a 'bon à valoir' — not a deposit, not EMI-licence territory.
• Escrow. Marketplace payments are held by the platform until the buyer confirms delivery. Dispute opens a second hold-period; resolution is logged.
• Card data isolation. CIB and EDAHABIA acceptance runs through a PCI-DSS-compliant payment partner — card data never touches Dziri servers.
• Ledger-style accounting. Every money movement writes an immutable, append-only entry with actor, target, before / after balances, and source reference.

• Algerian Personal Data Law (Loi 18-07). PII is scoped per access role; no engineer sees a user's wallet, and no user sees another user's identity documents.
• Data deletion. Users can request full account deletion at /data-deletion — 30-day soft-delete with full purge after.
• Log scrubbing. Production logs are pre-filtered to redact phone numbers, tax / commerce identifiers, banking details, and one-time codes. Enforced by automated checks in CI.
• No cross-border PII export without explicit user consent. Identity documents are stored on infrastructure hosted for the Algerian deployment.

• Audit trail. Every privileged operator action is recorded with actor identity, target entity, before / after snapshot, IP, geo, and reason string. Records are append-only.
• Voucher lifecycle. Each state transition (issued → assigned → sold → redeemed → expired) writes an immutable ledger entry that regulators can inspect.
• Tenancy enforcement. Every backend function is audited by automated checks — no function can read or mutate data outside the caller's scope.
• Decrypt choke-point. All sensitive decryption flows through a single auditable code path, verified by automated CI checks.

• Tier ladder. particulier → auto-entrepreneur (Loi 22-23) → freelance solo → société EURL / SARL. Each tier has a documented KYB checklist.
• Bank-account verification for tier ≥ auto-entrepreneur, with algorithmic checks against Algerian banking number standards.
• Per-document review. Each onboarding document is reviewed individually by trained operators with approve / reject / request-more outcomes — every decision carries a reason string.
• Tier-cap enforcement. Order amounts above the seller's tier cap are blocked at the transaction layer — not after.

• Geo-blocks. Content can be geo-fenced to or from specific wilayas; gambling content is hard-blocked DZ-wide.
• One-click report. Every piece of user-generated content has a reachable report button. Reports route to operator queues with severity scoring.
• Editorial picks on the feed are operator-authored and timestamped. The ranking algorithm never inserts hidden boosted content.

• Error monitoring. Production errors are captured with PII pre-scrubbed; operator on-call gets paged for severity thresholds.
• Status page. Live operational status at /status.
• Migration safety. Schema changes pass automated safety checks before merge — destructive operations without a documented backout plan are blocked.
• Incident communication. Material incidents are reported on /press and to affected users within 72 hours, in alignment with Loi 18-07 breach-notification rules.

We welcome coordinated disclosure from security researchers. Email security@dziri.app with reproduction steps and your preferred attribution. We commit to first response within 72 hours, public attribution if you'd like it, and never to pursue legal action against good-faith research.

Out-of-scope: denial-of-service, social-engineering against staff, physical attacks, and findings that depend on a stolen device or installed malware on a user's phone.

• About → — Mission and principles.
• Roadmap → — What's shipped, what's next.
• Privacy policy → — Full data-handling policy.
• Terms → — Platform terms.