We are committed to protecting your privacy and the confidentiality of your personal information. Our privacy and information security process is not just an exercise in compliance, but a continuation of our respect for you and your personal information.
Confidentiality, Integrity and Availability model for managing information security
Information Security Management Policy
FinTags is committed to ensuring confidentiality, integrity and availability of its information assets at all times meeting all legal, statutory, regulatory, and contractual requirements when serving the needs of eligible parties both within organization and externally including customers, suppliers and regulators.
FinTags data is encrypted in transit by advanced TLS protocols and and at rest by Amazon's Key Management Service. Password policies and 2FA are also integrated.
Integrity
Mechanisms such as user access control, version control, backup/recovery procedures are in place to ensure integrity of data
Availability
FinTags assures high availability through continuity of operations planning and disaster recovery.Server clustering techniques deployed to mitigate downtime.
Certifications
FinTags is certified with ISO 27001. Our data center providers maintain ISO 27001, SOC2, and many other certifications.
FinTags hosts service data primarily in AWS data centers that have been certified as ISO 27001, PCI DSS Service Provider Level 1 and/or SOC 2 compliant.
Data Encryption
Data are always encrypted in transit with advanced TLS protocols and 2048-bit keys. Databases are encrypted at rest using Amazon's Key Management Service (KMS).
Network Security
Our network is protected through the use of key AWS security services and our IT team which monitor and blocks malicious traffic. In addition, we conduct third party audit annually.
FinTags is ISO 27001 : 2013 Certified
Certifications
FinTags implemented and continually improved the Information Security Management System of its overall business activities. The system is audited and awarded ISO 27001:2013 certification
Compliance
FinTags is committed to and conducts its business activities that is consistent with its compliance obligations. The primary compliance standards will be EU GDPR and ISO 27001:2013
Vulnerability Management
Our network is protected through the use of key AWS security services and our IT team which monitor and blocks malicious traffic. In addition, we conduct third party audit annually.
FinTags is ISO 27001 : 2013 Certified
Confidentiality Agreements
Every employee of FinTags are required to sign non-disclosure and confidentiality agreements at the time of joining.
Information Security Training
Training adhering to our Information Security and Management Systems is conducted at the time of joining and also reinforced by departments annually. These policies are also made available external partners of FinTags.
Background Screening
FinTags performs criminal background checks on all new employees. External resources like consultants and suppliers are also required to submit clearance.
