Fundky Security & Safety Guide
Better than ever, there is no compromise with the security of your data
Fundky complies with PCI-DSS 3.2.1 Level 2 as a Service Provider.
- Regularly audited by a Qualified Security Assessor (Ubitrak Inc.)
- Passes application and network penetration testing performed by independent security firms.
- PCI Attestation of Compliance (AOC) is available on request.
- Link for certificate
The following documents are available to the public. Applicability to your environment needs to be assessed / approved by your auditors.
- Fundky 2022 PCI-DSS 3.2.1 Attestation Of Compliance (Service Provider)
- contact us in order to get a copy : email@example.com
Fundky maintains a comprehensive privacy program. To us, this means that although we are required by law or regulation to do certain things, we are continually evaluating whether we can and should do more.
Amazon EC2 hosts Fundky’s production systems.
Fundky uses strong encryption methods and key management procedures to ensure your sensitive information is protected.
- Fundky’s website is accessible via a 256-bit SSL certificate issued by Let’s Encrypt.
- Credit card information is never stored.
- Our partner payment processor WePay is PCI DSS compliant. You can read their security policy : https://go.wepay.com/security
- Our partner payment processor Stripe is PCI DSS compliant. You can read their security policy : https://stripe.com/docs/security/stripe
- Our partner payment processor Paypal is PCI DSS compliant. You can read their security policy : https://www.paypal.com/c2/webapps/mpp/pci-compliance?locale.x=en_C2#:~:text=PayPal%20is%20PCI%20compliant.&text=We%20hold%20certification%20under%20many,18%20SOC%201.
Fundky has taken appropriate measures to train its employees.
- All employees are subject to reference, education, and other personal checks. Certain employees are also subject to detailed background checks.
- Fundky maintains an information security training program that meets PCI-DSS standards.
- Require written acknowledgement by employees of their roles and responsibilities with respect to protecting user data and privacy.
While we don’t anticipate there ever being a breach of our systems, we know that no computer system is perfectly secure.
- In the event of a breach of a Fundky information system, we have a detailed Incident Response plan in place.
- Fundky has 24/7 monitoring of its security systems and alerts.
If you have any question related to our system, please contact us at firstname.lastname@example.org