We take security compliance seriously

Keeping our customers' data protected at all times is our highest priority.

“Strengthened by my cybersecurity experience, I have implemented the state of the art security at Ondorse”

Thomas Ravenel

Head of Engineering @ Ondorse

Company security

  • We are compliant with GDPR

  • We are compliant with ISO 27001

  • SOC 2 Type II report (contact us)

  • All employees follow recurring security training; enforced and monitored by Vanta

  • Annual SOC 2 audit

  • Annual independent penetration testing of our services

  • Trust center

System security

  • All data encrypted in transit (TLS 1.2) and at rest (AES-256)

  • Infrastructure hosted on AWS in Europe (ISO 27001, SOC1 and SOC2 certified)

  • Data encryption in transit using TLS 1.2+

  • Data encrypted at rest using AES 256-bit encryption algorithm

  • Business continuity plan including disaster recovery and data backups

Application security

  • Customizable login method: support for SSO login (Google, Azure AD, Okta, etc.), enterprise SSO (SAML) and MFA for password login

  • Control user and API keys access

  • Immutable audit trail to capture user interactions

  • Role-based access control

  • On-premise data storage

  • Constant vulnerability scanning and regular penetration testing

🛡️ If you believe you’ve discovered a potential vulnerability, please let us know by emailing us at security@ondorse.com

Ready to take the manual work out of KYC/B?

Unlock the power of automation
Easy setup that takes just a few days
Friendly human support based in Europe
Contact us
Watch demo