Security
Keeping your data secure is our priority
At PayFit, we believe it is our duty to keep your data secure.
Security
PayFit is committed to keeping your data safe and out of the hands of those without authorisation.
Confidentiality
We use several different methods to ensure that your account remains secure at all times. Your data is also encrypted in our database.
Integrity
We strictly control who has access to your data, both online and internally. This is done to ensure that your documents are protected against any unauthorised alterations. We also back them up every hour.
Availability
Real-time data replication to three data-centres in France. We also use automatic failover in the unlikely event that we experience any technical difficulties.
Learn more about our data security
- People
- Physical Security
- Assets
- Data
- Legal
- Hosting & network
- Logging
- Availability & resilience
- Incident response
- Security audits
People
- Background check on all candidates.
- Requirement for all employees to sign a confidentiality agreement and to follow the internal digital policy.
- Enforcement of device security policies globally through a centralised management tool with monitoring and remediation capabilities.
- Regular security training for all employees and a quarterly review of internal security policies.
- In order to separate developing roles from consulting and validating roles, we use a RACI matrix framework for the development and management of all tasks.
ISO 27001
We are fully committed to securing your data and ensuring that all best practices are put in place. We are close to obtaining the ISO 27001 certification.
Learn more about our security policy
Bug bounty programme
We are interested in any research on our systems and value any documented discovery. For that purpose, we run a private bug bounty programme on HackerOne so that we can identify and mitigate security threats.
Learn more about our bug bounty programme or the way to report issues