NC Title Transfer

Security

Updated August 2025

Operator. NC Title Transfer Concierge (“NC Title Transfer,” “we,” “us,” or “our”) is operated by Ottoform LLC.

We protect your information using layered administrative, technical, and physical controls. Below is a high-level summary of how we secure our website, forms, and concierge processes.

1) Overview

NC Title Transfer Concierge (“we,” “us”) follows a defense-in-depth approach. We encrypt data in transit, enforce least-privilege access, and continually monitor and improve our controls.

2) Goals & Principles

  • Confidentiality: only authorized parties can access data.
  • Integrity: information is accurate and tamper-resistant.
  • Availability: systems are resilient and recoverable.
  • Least privilege: access based on role and necessity.

3) Data Handling

  • We collect only what’s needed to complete DMV services.
  • Documents are stored securely and retained only as long as necessary.
  • Sensitive uploads are restricted to authorized staff and systems.

4) Encryption

  • In transit: TLS (HTTPS) for all public endpoints.
  • At rest: platform-level encryption for databases and storage used for documents.

5) Access Control

  • Role-based access controls; access on a need-to-know basis.
  • Strong authentication and session controls for internal tools.
  • Device hygiene requirements and periodic access reviews.

6) Infrastructure & Network

  • Hardened cloud infrastructure with network segmentation.
  • Managed firewalls, WAF/CDN, and automated patching where available.
  • Monitoring and alerting for abnormal activity.

7) Application Security

  • Secure coding practices, dependency updates, and code review.
  • Protections against common web risks (XSS, CSRF, injection).
  • Configuration and secret management with least privilege.

8) Document Handling

  • Document uploads use encrypted transport and secure storage.
  • Access to documents is logged and limited to assigned personnel.
  • We provide guidance to clients on safe sharing and redaction when appropriate.

9) Vulnerability Management

  • Routine dependency scanning and OS/image patching.
  • Tracked remediation SLAs based on severity and exploitability.
  • Third-party assessments as needed for higher-risk areas.

10) Incident Response

  • Documented triage, containment, investigation, and recovery procedures.
  • Post-incident reviews to address root causes.
  • Notifications to affected parties when legally required.

11) Backups & Continuity

  • Regular backups of critical data and configurations.
  • Geo-redundant or provider-managed durability for key storage services.
  • Tested restoration procedures for time-sensitive operations.

12) Compliance & Privacy

Our practices align with applicable laws/regulations for our services. For how we collect and use personal information, see our Privacy Policy and manage site cookies via Cookie Preferences.

13) Customer Responsibilities

  • Keep your contact details accurate and respond promptly to requests.
  • Use secure networks/devices when uploading documents.
  • Do not email full card numbers or sensitive IDs unless we provide a secure method.

14) Subprocessors

We may use vetted third-party providers (e.g., hosting, communications, payments, document storage) to deliver our services. These vendors are bound by contractual obligations to protect data and use it only as instructed.

15) Report a Security Issue (Responsible Disclosure)

Found a vulnerability or security concern? Please email security@nctitleconcierge.com with details (steps to reproduce, impact, and a contact). Don’t publicly disclose until we confirm a fix. We appreciate responsible research and will acknowledge valid reports.

16) Changes to this Page

We periodically update this page to reflect control improvements and industry best practices. We’ll revise the “Updated” date above when changes are made.

17) Contact Us

NC Title Transfer Concierge
222 E Bland St, Unit 411
Charlotte, NC 28203

support@nctitletransfer.com (980) 701-5265
Legal entity: Ottoform LLC (operator)