SOC 2
Trust Services Principles
Security at Flinks
At Flinks we believe that dealing with a vast amount of sensitive financial data deserves the best practices. We continuously invest in security so our clients can keep their peace of mind.
Industry-leading security
Our operations & features
Governance
- PCI-DSS & SOC2 compliant providers hosting (Microsoft Azure, Google Cloud Platform)
- Daily automated and manual application security testing
- Surpass any requirements of Canada’s PIPEDA
Storage
- Storage of sensitive data is done on a highly secured virtual private instance, not accessible by customers nor end-users.
- AES-256 hardware encryption
- No access to end users sensitive information.
Communication
- IP whitelisting
- HTTPS 256-bit encryption
- Strong authentication mechanism
Policies
- 24/7 response team & SOC2 compliant emergency response plan
- Strong logical access controls
- Physical space controls and protection
- Industry leading Risk & Change Management policies
Our stack
Hosting
Dynamic Code Assessment
Hosting
Vulnerability
Deployment
Deployment
For end users
Our privacy policy highlights how we use, but mostly protect your personal data on both our website and application.
For clients
Transparency is at the core of what we do. Get in touch with us to learn more about our security practices
Security practices
Read about our guiding principles and pillars when it comes to fintech & dealing with security.
Security questions or issues?
If you think you may have found a security vulnerability within Flinks, please get in touch with our security team.
