Security

We take the security and privacy of your data on andcards very seriously. We understand the importance of keeping your data secure, available, and private, and strive to keep it this way.

We use leading hosting and data processing infrastructure


Amazon Web Services (AWS) hosts all of our applications and static resources. They’re one of the top hosting providers in the world – used by companies like Netflix, Adobe, Snap, and Atlassian.
Only andcards engineers have access to AWS machines, via key-based SSH login. We update system software whenever updates are available.
We back-up database continuously to ensure your valuable data stays safe.
To learn more, read about AWS security policies.

AWS is vigilant about your privacy. All data flowing across the AWS global network that interconnects our datacenters and regions is automatically encrypted at the physical layer before it leaves our secured facilities. Additional encryption layers exist as well; for example, all VPC cross-region peering traffic, and customer or service-to-service TLS connections.
Amazon Web Services
Amazon Web Services
Cloud Security

We protect you against hacking and ensure product security


Web applications on subdomains, custom domains use a secure HTTPS connection with RSA 2048 bit keys.
Our API and application endpoints are TLS/SSL only and score an “A+” rating on Qualys SSL Labs‘ tests.
Once yearly we engage third-party security experts to perform detailed penetration tests on the andcards application and infrastructure.
All employee contracts include a confidentiality agreement.
All payments made to andcards go through our partners. We do not store credit card details or other payment information on andcards servers.

We comply with relevant data processing laws


General Data Protection Regulation 2016/679 (GDPR) compliance.
Data Processing Agreement is available for all customers.
Data Protection Officer to ensure compliance.
Continuous monitoring of user and server activity with the aim of early detection of suspicious activity.