security, top to bottom
Customer and supplier data is at the core of everything we do at Paygle. We continually invest in, and develop the security of Paygle.
With our approved ability to accept and handle Card Data, Banking Data, EU data Paygle has to continually demonstrate our security credentials. We welcome any questions you might have for us but you can be rest assured we have not yet been a requirement that we did not already meet. Just some of our annual checks include Government Peepol, Banking accreditation and PCI DSS standards to be able to handle and store sensitive data. For all EU fans we are also fully GDPR compliant.
Paygle utilises Azure Key Vault to provide its encryption via a periodically rotated internal RSA key, with unencrypted content physically isolated from the Paygle Platform and Services.
All received data and sensitive fields are encrypted at rest.
Partitioning and Siloing
Each customer and organisations data is partitioned from all other users and organisations.
Determined at time of login, Paygle uses short lived Shared Access Signatures that only last for a set number of minutes that enforce the partitioning. Once expired, a Shared Access Signature can no longer access any Paygle data.