At Hyperline, safeguarding your data and ensuring compliance with industry standards are our top priorities. This page outlines the measures we take to secure your information and maintain transparency about our compliance practices.

Full details of our security practices and compliance reports are available at https://trust.hyperline.co for premium clients. Additional information can be provided upon request.

Our Commitment to Security

We’ve built a robust security framework to protect your data and ensure our systems meet the highest security standards. Our key security practices include:

  • Data encryption: We use advanced encryption protocols to secure data in transit and at rest.
  • Access control: Role-based access controls and multi-factor authentication (MFA) restrict access to authorized personnel only.
  • Security testing: We conduct regular penetration testing and vulnerability assessments to identify and mitigate potential risks.
  • Incident management: Our dedicated incident response team ensures swift and effective handling of any security incidents.

Compliance Standards

Hyperline complies with globally recognized security and privacy standards, demonstrating our commitment to protecting your data.

GDPR Compliance

Hyperline complies with the General Data Protection Regulation (GDPR), ensuring transparency and lawful processing of personal data.

Key measures include:

  • Data rights: Full control over your personal data, including access, modification, and deletion.
  • Privacy by Design: Data protection is integrated into every aspect of our operations.
  • Vendor management: We ensure all third-party processors meet GDPR requirements.

SOC 2 Certification

Our SOC 2 certification demonstrates our dedication to meeting the highest standards for security, availability, and confidentiality.

  • SOC 2 Type I compliance: We have successfully achieved SOC 2 Type I certification, demonstrating that our systems and controls are designed to meet the Trust Service Principles.

  • SOC 2 Type II progress: Hyperline is currently in the audit phase for SOC 2 Type II certification, which evaluates the ongoing effectiveness of our controls over time.

Key measures include:

  • Trust Service Principles: Our systems are designed to meet the criteria for security, availability, and confidentiality.
  • Independent audits: Our compliance is verified through independent third-party audits to ensure transparency and trust.
  • Risk management: A robust risk assessment process ensures that all potential threats are identified and mitigated effectively.
  • Operational controls: Procedures and safeguards are in place to ensure data security and operational continuity.

PCI DSS and Payment Processing

While Hyperline is not directly subject to PCI DSS compliance, we ensure that our integrations with Payment Service Providers (PSPs) adhere to PCI DSS standards, including compliance with the Self-Assessment Questionnaire (SAQ). This approach ensures that all payment-related activities on our platform meet strict security guidelines.

Key measures include:

  • Secure integrations: Our platform integrates with PSPs that are fully PCI DSS compliant, transferring the responsibility for secure handling of cardholder data to them.
  • No card data storage: Hyperline does not store or process sensitive payment card data directly.
  • Ongoing assessment: Regular reviews of our integrations to ensure continued compliance with PCI DSS SAQ requirements.

By relying on compliant PSPs and integrating in a secure and standardized manner, Hyperline ensures a safe and seamless payment experience for users.

How we protect your data

Our security approach encompasses multiple layers to safeguard your information:

  1. Network security
     • Firewalls, intrusion detection/prevention systems, and regular vulnerability scans.
     • Network segmentation to isolate sensitive systems.
  2. Application security
     • Secure Software Development Lifecycle (SDLC) practices.
     • Continuous monitoring for suspicious activity and vulnerabilities.
  3. Data protection
     • Encryption of all sensitive data in transit and at rest.
     • Frequent backups stored

Responsible Disclosure Policy

If you discover a security vulnerability in Hyperline, we encourage you to report it responsibly.

  • How to report: Email the details to security@hyperline.co with clear steps to reproduce the issue.
  • Our response: We will acknowledge your report within a week and work to resolve the issue promptly.
  • Guidelines: Avoid accessing unauthorized data, disrupting services, or sharing the vulnerability publicly before resolution.

This policy covers the Hyperline application hosted at https://app.hyperline.co and any associated subdomains or services. Please note that we do not accept vulnerability reports related solely to our marketing website (https://www.hyperline.co), as it does not contain sensitive data.

Thank you for helping us keep Hyperline secure!
