Companies trust us because of our continual commitment to protecting their data.
We know how important your data is
And we make sure to stay up to date in implementing powerful built-in security technologies to protect it.
- Data Encryption at Rest
- Data Encryption in Transit
- Thorough testing before all code releases
- Regular penetration testing
- Hosted in high-availability data centres
- Threat detection using Amazon GuardDuty
- SAML-based SSO
- Access Control via BambooHR Integration
We have a variety of security measures in place across our company – not only technical and physical, but also policies and procedures, in addition to ensuring our employees are kept well-trained and informed.
Information Security Policy
We have a policy that all employees and applicable contractors are required to follow. It enforces best practice and we review it regularly.
We are currently working towards ISO 27001 certification and are already implementing best practices across the company. The AWS data centres we use already hold various certifications that includes SOC 1,2,3 and ISO 27001. We’re also PCI compliant through our external payment provider, Stripe.
Employee Awareness Scheme
We provide security awareness training to every employee in the company on an annual basis. It’s delivered by our security team, is role-specific to each team and is tailored to our company and the risks we face. This includes training about GDPR.
We also provide regular security bulletins and emails to all employees, and have a dedicated security update section in our internal monthly newsletter.
We implement role-based access control at TravelPerk and work to ensure that people only have access to data required for their job.
Both our application and our support services have a variety of controls to ensure that our services remain constant if a negative event were to occur.
Our offices are all protected with a variety of measures that includes 24/7 security guards and CCTV.
We review all our data sub-processors to ensure that they maintain the high standard of security you’d expect for your data. We also ensure that a DPA is in place with each supplier.