Security
Your data, looked after with care.
At Willed, we take your privacy and the security of your data very seriously. Here is how we keep it safe.
How we protect you
Four quiet safeguards.
-
Encrypted in transit and at rest
Data sent between you and Willed uses HTTPS, and customer data stored in Firebase and Google Cloud is encrypted at rest.
-
PCI-compliant payments
Payments are processed by Stripe, our PCI-compliant payment provider.
-
Layered access controls
Customer access is authenticated, and administrative access is restricted by role-based permissions and MFA.
-
Managed cloud infrastructure
Built on Firebase and Google Cloud with security rules that limit access to authorised users and systems.
The practice
The detail, in plain English.
Your data
Data sent between you and Willed is encrypted in transit using HTTPS. Customer data stored in Firebase and Google Cloud is encrypted at rest. Access to sensitive data is restricted to employees who need it to perform their roles.
Billing information
Payments are processed directly by our PCI-compliant payment provider, Stripe.
Account access
Willed recommends that users use a unique and strong password. We require that all passwords be at least eight characters long, and include at least one number, one uppercase letter and one lowercase letter. Administrative access is further protected with MFA and role-based permissions.
Hosting
The Willed platform is built on Firebase and Google Cloud managed infrastructure. Firestore and Storage security rules are designed to restrict access to authorised users and systems.
Found something?
Help us keep Willed safe.
If you have discovered a vulnerability, we would like to hear from you. Our bug bounty program rewards responsible disclosure.