Security & Compliance
How Guardian Volt protects your data and ensures compliance.
Security Architecture
1. Bank Connection Security
Guardian Volt connects to financial institutions using secure, regulated open banking APIs. We partner with industry leader TrueLayer to ensure the highest level of security.
- Read-Only Access
We can only view transaction history. We cannot move money, make payments, or change account settings.
- No Credentials Stored
Your banking username and password are never stored on our servers. Authentication happens directly with your bank.
2. Data Encryption
We employ state-of-the-art encryption standards to protect data at rest and in transit.
- AES-256 Encryption
All sensitive data stored in our databases is encrypted using Advanced Encryption Standard (AES) with 256-bit keys.
- TLS 1.3
All data transmitted between your device, our servers, and our banking partners is protected by Transport Layer Security (TLS) 1.3.
3. Infrastructure & Compliance
Our infrastructure is hosted on Amazon Web Services (AWS), providing world-class physical and digital security.
- GDPR Compliant: We fully comply with the General Data Protection Regulation (GDPR) and the Data Protection Act 2018.
- Data Residency: UK customer data is stored in the AWS London (eu-west-2) region.
- Regular Backups: Automated, encrypted backups ensure data integrity and availability.
4. Access Control
We implement strict access controls to ensure only authorized personnel can access system data, and only when necessary for support or maintenance.
- Role-Based Access Control (RBAC): Strict permission levels for all team members.
- Audit Logs: Comprehensive logging of all system access and changes.
- Multi-Factor Authentication (MFA): Enforced for all administrative access.
5. Vulnerability Management
We conduct regular security assessments and vulnerability scans. Our code undergoes strict review processes before deployment. If you discover a security vulnerability, please report it immediately to security@guardianvolt.com.