Skip to main content

We prioritise your security and privacy

We are ISO 27001 certified which means we adhere to international best practice for Information Security. We have multiple layers of electronic and physical controls to ensure the complete security and privacy of your data. We use bank-level security to encrypt all your interaction with the application.

Compliance and Certifications

We set ourselves exceptionally high standards and aspire to surpass those set by the industry. Our completion of a ISO27001 audit & certification indicates that our processes, procedures and controls have been formally evaluated and tested by an independent accounting and auditing firm.

Infrastructure and processes that go above and beyond

Secure Access Controls

User access roles determine the rights a user has on our system whether it’s viewing some information or all the information. The same applies to editing, deleting and creating information.

Encryption at Rest and Transit

All data is encrypted at application level using AES-256 GCM encryption, and served over secure connections to customers.

End-user Auditable Logs

We capture all action events on the system for security reasons. The trace files can be viewed by the user or requested via our information security officer

3rd Party Audits

We do regular internal & external audits to validate our internal security process.

Penetration Testing

We commission independent audits to augment our internal audits on a regular basis. Penetration testing is done by third party providers to enable us to provide you with the most secure platform.

Security & Compliance Guides

PAIA manual

The Promotion of Access to Information Act (PAIA) manual stipulates how you can request your Personal Information (PII) and any modification to your PII.

Information Security Policy

Top level ISO27001 certified security policy that states what we do to protect the availability, integrity and confidentiality of your information.