Security at Flinks

At Flinks we believe that dealing with a vast amount of sensitive financial data deserves the best practices. We continuously invest in security so our clients can keep their peace of mind.

Our compliance strategies

SOC 2 (Type I)

Trust Services Principles

ISO/IEC 27001

Information Security Management System (ISMS)

PIPEDA

Canadian Data protection and privacy regulations

NIST 800-53

Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations

Our operations & features

Governance
  • PCI-DSS & SOC2 compliant providers hosting (Microsoft Azure, Google Cloud Platform)

  • Daily automated and manual application security testing

  • Surpass any requirements of Canada’s PIPEDA

     
     

Storage
  • Storage of sensitive data is done on a highly secured virtual private instance, not accessible by customers nor end-users.

  • AES-256 hardware encryption

  • No access to end users sensitive information.

Communication
  • IP whitelisting

  • HTTPS 256-bit encryption

  • Strong authentication mechanism

Policies
  • 24/7 response team & SOC2 compliant emergency response plan

  • Strong logical access controls

  • Physical space controls and protection

  • Industry leading Risk & Change Management policies

     

Our stack

Hosting
Dynamic Code Assessment
Hosting
Vulnerability
Deployment
Deployment

For end users

Our privacy policy highlights how we use, but mostly protect your personal data on both our website and application.

Read the privacy policy

For clients

Transparency is at the core of what we do. Get in touch with us to learn more about our security practices

Request our SOC2 report

Security practices

Read about our guiding principles and pillars when it comes to fintech & dealing with security.

Read about our security pillars

Security questions or issues?

If you think you may have found a security vulnerability within Flinks, please get in touch with our security team.

Get in touch