Privacy as the default setting

It’s what we do

security illustration

Data privacy and security are at the core of what we do here at Cake.

With large, high-profile customers all around the world, we are committed to keeping your data secure and continuously monitoring and improving our processes.

What we do

1

Privacy embedded into design

We take a proactive approach to data protection and anticipate privacy issues and risks before they happen.This doesn’t just apply to systems design -- we’re proactively developing a culture of ‘privacy awareness’ across our organisation.

2

End-to-end security with full lifecycle protection

We put strong security measures in place from the beginning and apply this throughout the data lifecycle. We process data securely via encrypted infrastructures and destroy it when it’s no longer needed.

3

Visibility and transparency

We’re big believers in win-win scenarios, and we don’t believe that you need to sacrifice speed or usability to comply with privacy and security regulations. We make it easy for you to control who’s able to access and make changes to your data so that you can focus on growing your business.

Steps we take

Product

  • We verify email addresses of all users
  • An activity log is kept for every transaction that changes data in your organization, with clear tracing available
  • You can control who can access and make changes to your data by assigning different levels of permissions to users within your organisation
  • SSO with two-factor authentication (2FA)

Infrastructure

  • Cake services and data are hosted with Amazon Web Services (AWS) in Australia in the ap-southeast-2 region.
  • Daily backups are performed, encrypted and stored in a secure location
  • Data at rest is encrypted using AES-256.
  • Data in transit is encrypted using SSL/TLS.

People & Platform

  • Our employees are all subject to strict confidentiality obligations and given security training to educate them on potential threats and how to keep themselves and the company safe
  • Our internal security and privacy protocols include only allowing a select group of employees to access customer data and ensuring that all employees use approved password managers
  • Any requests to change investor or option holder personal information are communicated to the company contact
  • Access to critical infrastructure and services requires 2FA




Got questions? We love to chat about Cake.