We are ISO 27001 certified which means we adhere to international best practice for Information Security. We have multiple layers of electronic and physical controls to ensure the complete security and privacy of your data. We use bank-level security to encrypt all your interaction with the application.
We prioritise your security and privacy
Compliance and Certifications
We set ourselves exceptionally high standards and aspire to surpass those set by the industry. Our completion of a ISO27001 audit & certification indicates that our processes, procedures and controls have been formally evaluated and tested by an independent accounting and auditing firm.
Infrastructure and processes that go above and beyond
Secure Access Controls
User access roles determine the rights a user has on our system whether it’s viewing some information or all the information. The same applies to editing, deleting and creating information.
Encryption at Rest and Transit
All data is encrypted at application level using AES-256 GCM encryption, and served over secure connections to customers.
End-user Auditable Logs
We capture all action events on the system for security reasons. The trace files can be viewed by the user or requested via our information security officer
3rd Party Audits
We do regular internal & external audits to validate our internal security process.
Penetration Testing
We commission independent audits to augment our internal audits on a regular basis. Penetration testing is done by third party providers to enable us to provide you with the most secure platform.
Security & Compliance Guides
PAIA manual
The Promotion of Access to Information Act (PAIA) manual stipulates how you can request your Personal Information (PII) and any modification to your PII.
Information Security Policy
Top level ISO27001 certified security policy that states what we do to protect the availability, integrity and confidentiality of your information.