We comply with privacy, security and regulatory requirements. We are authorized and Regulated by the Financial Conduct Authority (FRN: 821100, 781963) and we are registered with the ICO (ZA111687).
Your data is encrypted using the 256-bit Advanced Encryption Standard (AES-256) with symmetric keys: that is, the same key is used to encrypt the data when it is stored, and to decrypt it when it is used.
All data served over our REST API uses HTTPS. We force HTTPS for all connections to our API server to ensure that the information is always encrypted during the transport from our server to the Provider's App
If you have any questions about the security we use at Planky, please contact us by email at security@planky.com.
Planky has established the Vulnerability Disclosure Programme to encourage the responsible reporting of suspected vulnerabilities or weaknesses in IT services, systems, resources and/or processes which may potentially affect government internet-accessible applications.
If you are a security researcher and would like to responsibly disclose security issues to us please read our vulnerability disclosure programme for more information.