Zorse

SECURITY

Our Commitment to Security

At Zorse, security isn't just a feature—it's a foundation. We understand that you're entrusting us with sensitive financial data, and we take this responsibility seriously. Our team brings deep expertise in financial security, having built systems that process billions of dollars for companies like Spotify, DoorDash, and international governments.

Security Architecture

Data Protection

  • Encryption at Rest: All customer data is protected using industry-standard 256-bit AES encryption.
  • Encryption in Transit: All communications with our platform use TLS 1.2+ encryption to safeguard data as it moves through networks.
  • Database Isolation: Each customer's data is logically isolated with unique access controls to prevent cross-contamination.

Authentication & Access

  • Secure Authentication: We leverage enterprise-grade authentication, providing secure sign-in options including Google authentication.
  • Role-Based Access Control: Our platform implements fine-grained permissions that limit data access to authorized users only.
  • Team Controls: Account owners can manage team member access and permissions with detailed audit logging.

Infrastructure Security

  • Cloud Security: Our platform runs on AWS infrastructure, inheriting its robust security measures and compliance certifications (SOC 2 Type II, ISO 9001, GDPR, HIPAA, FedRAMP).
  • Regular Updates: We maintain current security patches across our infrastructure to mitigate vulnerabilities.
  • Monitoring: Continuous monitoring for suspicious activities and automated alerts for potential security events.

Data Privacy

  • Full Control: Users can export or permanently delete all their data at any time.
  • Privacy by Design: We collect only what's necessary and implement data minimization practices.
  • Transparency: Our privacy policy clearly outlines how we handle your data.

Security Operations

  • Regular Audits: Our systems undergo regular security reviews and assessments.
  • Staff Training: Our team receives ongoing security training to maintain awareness of best practices.
  • Incident Response: We have established procedures to quickly address any security concerns.