Security

Planky leads the way in Enterprise security

We comply with privacy, security and regulatory requirements. We are authorized and Regulated by the Financial Conduct Authority (FRN: 821100, 781963) and we are registered with the ICO (ZA111687).

Data Encryption at Rest

Your data is encrypted using the 256-bit Advanced Encryption Standard (AES-256) with symmetric keys: that is, the same key is used to encrypt the data when it is stored, and to decrypt it when it is used.

Data Encryption in Transit

All data served over our REST API uses HTTPS. We force HTTPS for all connections to our API server to ensure that the information is always encrypted during the transport from our server to the Provider's App

Questions about security

If you have any questions about the security we use at Planky, please contact us by email at security@planky.com.

Vulnerability Disclosure Programme

Planky has established the Vulnerability Disclosure Programme to encourage the responsible reporting of suspected vulnerabilities or weaknesses in IT services, systems, resources and/or processes which may potentially affect government internet-accessible applications.

If you are a security researcher and would like to responsibly disclose security issues to us please read our vulnerability disclosure programme for more information.