We work day-in and day-out to Our company is SOC 2 Type 2 certified, which means that an independent auditor has evaluated our product, infrastructure, and policies, and certifies that we meet or exceed specific levels of controls and processes for the security of user data. and safeguard the personal and financial data of our partners, our customers, and our customers’ customers.
We make sure this data can never be accessed without adequate permissions.
All of our services run in the cloud. We don’t host or run our own routers, load balancers, DNS servers, or physical servers. Our service is built on Amazon Web Services. They provide strong security measures to protect our infrastructure and are compliant with most certifications.
Data center security
Our data center is located in the United States. It is a Tier IV, SOC 2, and ISO 27001 compliant facility. The data center facilities are protected 24/7 with different security measures (guards, CCTV, electronic access control, etc.). Monitoring and alerting is in place for security breaches, power, HVAC, and temperature.
Encryption in transit: All data sent to or from our infrastructure is encrypted in transit via industry best-practices using Transport Layer Security (TLS) version 1.2.
Encryption at rest: All our user data is encrypted at rest in our database using the industry-standard AES-256 algorithm. All passwords are hashed with bcrypt. We use AWS KMS for secure encryption key management.