Our data handling is built on stringent security protocols, adherence to compliance standards including SOC 2, and a commitment to transparency and ethics in data-driven product innovation.
Business data
We handle business data with care, storing sensitive information about your company and operations securely and limiting access to authorised personnel.Purpose-driven collection
We collect only the business information necessary for account creation, service delivery, and compliance, keeping data exposure minimal.
Data encryption
All business data is encrypted in transit and at rest, so it stays secure across every stage of processing.
Access control
Strict role-based access control limits who can reach your data, and all access is logged and monitored.
Compliance and transparency
SOC 2-aligned processes and regular audits keep our practices current, and businesses can request their data handling and security logs.
Transaction data
Transaction data is highly sensitive, so we have rigorous systems to process every transaction accurately, securely, and in line with industry standards.End-to-end encryption
Every transaction is encrypted from initiation to confirmation, preventing unauthorised interception.
Tokenisation
Sensitive transaction details are replaced with a unique identifier, keeping original data inaccessible to unauthorised parties.
Multi-layer authentication
Transaction verification uses multiple layers of authentication to guard against fraud and unauthorised access.
Real-time fraud monitoring
Rule-based and machine learning detection flags unusual patterns in real time, auto-blocking high-risk transactions and routing others for review. Our Flagright partnership sharpens this further.
Consumer data privacy and sovereignty
Protecting consumer data is a top priority. We comply with global privacy regulations and data sovereignty laws so personal information is managed responsibly and within each region’s legal requirements.Data minimisation
We collect only the consumer data needed to process transactions and deliver services.
Explicit consent
Any use beyond essential transaction purposes requires explicit consumer consent, with full transparency and control.
Privacy by design
Privacy is a core principle of our systems, keeping consumer data secure through every stage of processing.
Secure storage and access
Consumer data is encrypted, stored on compliant servers, and reachable only by authorised personnel, with audit logs tracking interactions.
Data sovereignty
Data is stored in the appropriate regional data centres. EU customer data is stored in the EU, and Australian data within Australia.
Data subject requests
Consumers can access, rectify, or erase their data, and we respond promptly in line with GDPR, CCPA, and regional privacy laws.
Responsible use of data for AI and ML
We believe in the responsible, transparent, and ethical use of data for AI, ML, and product research, using these technologies to improve our services while protecting data privacy and consumer rights.Anonymisation first
All data used to train AI and ML models is anonymised, with no personally identifiable information included.
Consent-driven
Any data use beyond essential services is handled with explicit consumer consent, aligned with privacy expectations and regulation.
Fair and bias-free models
Strict standards detect and reduce bias, keeping our services fair and equitable for all consumers.
Transparent and monitored
We communicate clearly about how data may be used, and our models are regularly evaluated against ethical standards.