Frequently Asked Questions
      Back to home
      1. Home
      2. Frequently Asked Questions

      What security certifications do you have?

      Security Certifications and Compliance at Spendbase 

      Below, we detail the security certifications and compliance frameworks that Spendbase adheres to, demonstrating our commitment to robust security practices.

      Comprehensive Security Certifications

      ISO 27001: ISO 27001 is one of the most widely recognized and internationally accepted information security standards. It dictates the requirements for an information security management system (ISMS) and sets out the specifications for implementing, maintaining, and continually improving information security.

      PCI DSS Level 4: The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards designed to ensure that all companies that accept, process, store, or transmit credit card information maintain a secure environment. As a Level 4 certified entity, Spendbase adheres to the highest standards of security, ensuring that credit card information and transaction data are protected against theft and fraud.

      Adherence to Privacy Regulations

      GDPR Compliance: The General Data Protection Regulation (GDPR) is a pivotal privacy and security law drafted and passed by the European Union (EU). It imposes obligations onto organizations anywhere, so long as they target or collect data related to people in the EU. Spendbase complies with GDPR requirements, offering robust data protection for users by ensuring that their personal information is handled transparently and securely.

      CCPA Compliance: The California Consumer Privacy Act (CCPA) empowers California residents with more control over the personal information that businesses collect about them. This regulation requires transparency in data practices and gives individuals rights over their personal information. Spendbase adheres to CCPA guidelines, ensuring that the personal information of California residents is processed in accordance with their privacy rights.

      Ongoing Security Efforts

      Regular Penetration Testing: Spendbase conducts regular penetration testing to identify vulnerabilities in its systems before they can be exploited. These tests are performed by third-party security experts and are crucial in maintaining a strong defense against potential cyber threats