Logging
Access to specific customer data fields is logged at the application level. Our systems log all material security events, including access to customer data and changes to access privileges.
Log Retention and Monitoring
Audit log data is retained for at least 30 days and is monitored continuously/real-time by our dedicated infrastructure.
Security Audits
We conduct regular security assessments and penetration testing. Our audits cover infrastructure, applications, and processes, utilizing automated tools (SAST/DAST) and engaging external auditors for compliance validation.