Keeping your data secure is our priority
Security

Security

Keeping your data secure is our priority

At PayFit, we believe it is our duty to keep your data secure.

Security

Security

PayFit is committed to keeping your data safe and out of the hands of those without authorisation.

Confidentiality

Confidentiality

We use several different methods to ensure that your account remains secure at all times. Your data is also encrypted in our database.

Integrity

Integrity

We strictly control who has access to your data, both online and internally. This is done to ensure that your documents are protected against any unauthorised alterations. We also back them up every hour.

Availability

Availability

Real-time data replication to three data-centres in France. We also use automatic failover in the unlikely event that we experience any technical difficulties.

Learn more about our data security

  • People
  • Physical Security
  • Assets
  • Data
  • Legal
  • Hosting & network
  • Logging
  • Availability & resilience
  • Incident response
  • Security audits

People

  • Background check on all candidates.
  • Requirement for all employees to sign a confidentiality agreement and to follow the internal digital policy.
  • Enforcement of device security policies globally through a centralised management tool with monitoring and remediation capabilities.
  • Regular security training for all employees and a quarterly review of internal security policies.
  • In order to separate developing roles from consulting and validating roles, we use a RACI matrix framework for the development and management of all tasks.
ISO 27001

ISO 27001

We are fully committed to securing your data and ensuring that all best practices are put in place. We are close to obtaining the ISO 27001 certification.

Download the process certificate

Learn more about our security policy

Download the security whitepaper

Bug bounty programme

We are interested in any research on our systems and value any documented discovery. For that purpose, we run a private bug bounty programme on HackerOne so that we can identify and mitigate security threats.

Learn more about our bug bounty programme or the way to report issues