Security Policy

 

FinStack takes the security of your information extremely seriously and uses a range of best-in-class methods to protect your information. FinStack is a registered PCI-DSS v3.2 Compliant Service Provider for the protection of sensitive first-party data and personally identifiable information.

We protect your data.

All data is written to multiple disks instantly, backed up daily, and stored in multiple locations. Files that our customers upload are stored on servers that use modern techniques to remove bottlenecks and points of failure.

Your data is sent using HTTPS

Whenever your data is in transit between you and us, everything is encrypted and sent using HTTPS. Any files that you upload to us are stored encrypted at rest. Project data, messages, text documents and todos aren’t encrypted at rest; they are active in our database.

Full redundancy for all major systems.

We use Amazon Web Services (AWS) for our infrastructure. The database is hosted in our own Docker containers. All our systems have been engineered to stay up even when multiple servers fail. We employ load-based servers that automatically scale up or down depending on the incoming traffic.

Regularly updated infrastructure and frameworks.

We take strides to keep ourselves up to date with top-of-the-line hardware and software. We explore and use some of the best hardware and services offered by AWS. We use Docker Swarm for container orchestration. We make sure we regularly upgrade to the latest versions of the underlying gems and libraries we use in our application.

We protect your billing information.

All credit card transactions are processed using secure encryption and are handled via our tie-ups with third-party payment solution providers. We do not store any of your card information on our servers. It is handled by independent PCI-compliant networks.

Vulnerability Reporting

For security inquiries or vulnerability reports, please email gaurav@getfinstack.in. We’ll get back to you as soon as we can, usually within 24 hours.