Security

RateUnity is committed to implementing robust security measures to help protect client data from accidental or unlawful loss, access, or disclosure. We achieve this through:

• Network and Infrastructure Security

• Host and Endpoint Security

• Data Protection and Encryption (both in transit and at rest)

• Logging, Monitoring, Threat Detection, and Analytics

• Identity and Access Control

• Application Security

Our platform provider complies with several security assurance programs, including:

• SOC 2 Type 2

• PCI DSS Level 1,

• ISO 27001

• GDPR

​

Data Privacy

RateUnity ensures that client data is stored exclusively in secure, compliant data stores, specifically within the data centres managed by Wix. Our access to client data is limited to the maintenance or provision of our service offerings and as required to comply with legal requirements.

Client Data
"Client Data" includes all data, content, and information (including Personal Information) owned, held, or created by our clients and input into or stored within the platform.

Data Security
The RateUnity platform utilises:

• Encryption at Rest: Data stored within the platform is encrypted with keys accessible only to authorised RateUnity personnel.

• Encryption in Transit: Data in transit across the internet is encrypted point-to-point using SSL/TLS v1.2.

​

Data Security – Logging/Monitoring

All data logged for monitoring and audit purposes is masked by default, ensuring that sensitive data is not inadvertently logged. This safeguards sensitive data while supporting efficient auditing and security monitoring.

​

Data Retention
RateUnity adheres to data retention standards compliant with local regulations.

​

Personally Identifiable Information (PII)
We collect PII (name, email address, optional address and mobile number, date of birth) and additional analytical data (IP address, geolocation). All collected data is presented back to the client or used within the platform for their benefit.