⸺ Security
We take data security seriously. Our dedicated security team follows industry best practices and has adopted controls to keep our customers' data secure.
⸺ Our Approach
Security practices are applied at every phase of the software development lifecycle, from requirements gathering to deployment and beyond.
Secure Software Development
Secure Software Development
We maintain a comprehensive inventory of information assets and follow industry-recommended operational security practices aligned with our security certification programs.
⸺ Certifications
We apply internationally recognised standards across our product development processes and operational environments.
Certified
ISO 27001:2022
We are ISO 27001 certified. This standard sets out the specification for an effective Information Security Management System (ISMS).
Certified
SOC2 Type II
We are SOC2 certified. This cybersecurity standard defines the criteria for managing customer data based on five trust service principles.
Compliant
PCI-DSS
Our platform is PCI-DSS SAQ A compliant, ensuring secure integration with trusted payment providers and protecting cardholder data.
⸺ Partners
We partner with industry-leading providers to strengthen platform security and protect customer data. A complete Global Sub-processor List is available upon request.
Amazon Web Services
Our primary cloud infrastructure provider. AWS delivers the scalability, reliability, and security foundations that power the Marketplacer platform globally.
Snowflake
Enterprise data platform supporting secure, governed data storage and analytics across our platform operations.
Cloudflare
Network security and performance partner providing DDoS protection, WAF capabilities, and global content delivery for our platform.
⸺ Reliability
Platform resilience and availability are top priorities. We maintain comprehensive plans to ensure continuity even in the face of unexpected disruptions.
We recognise that disruptions can occur unexpectedly. Our Business Continuity Management (BCP) Policy and Plan includes:
We maintain a Disaster Recovery Plan to restore platform operations following a major incident with minimal operational impact.
⸺ Our Approach
We have developed a Security Management Program based on these recognised industry standards and regulations: ISO 27001, SOC2, PCI-DSS and GDPR. Our security policy and practice go through an extensive review every year. We hold ISO 27001:2022, SOC2 Type I and PCI-DSS certifications.
Our approach to availability ->