Cappfinity Is committed to Security and Compliance

Cappfinity is committed to high standards of compliance, security, and accessibility across our solutions, services and products. Cappfinity’s comprehensive governance approach is designed to minimize risk to our customers by adhering to compliance guidelines
and maintaining the confidentiality, integrity, and availability of the data entrusted to us. Cappfinity’s approach to compliance,
security, and accessibility supports our mission to Strengthen the world. Maintaining confidentiality, integrity and availability of your data is as important to us as it is to you.

ISO27001:2013 – information security

ISO9001:2015 – quality assurance

ISO27701:2019 – data privacy

Cyber Essentials Plus

GDPR

CCPA

All customer solutions are subject to annual penetration testing by an independent 3^rd party with CREST qualified security testers

Secure by design

Customer data and services are hosted through Microsoft Azure, and our services are load-balanced and replicated across multiple data centers. Microsoft Azure data centers and services are subject to industry standard compliance measures such as SOC1, SOC2, SOC3

All data in transit, or at rest is encrypted through industry standards – a minimum TLS1.2 in transit and AES256 at rest

Data is replicated across data centers and data backups are safely and securely stored offsite to enable point-in-time recovery

Web Application firewalls and DDOS protection

Security and vulnerability scanning and alerting across the infrastructure, applications, and databases

Data protection – you are the data owner, and Cappfinity will apply a data retention policy that works for your business

Single sign on support – Cappfinity supports industry standard identity providers, such as SAML, AAD, OpenID so that your users can SSO to Cappfinity

Cappfinity Team

All Cappfinity employees complete security training every 2 weeks to maintain and improve security awareness and knowledge for all.

We also ensure that all Cappfinity suppliers adhere to industry-leading security controls, certifications and are subject to company checks.

Cookie	Duration	Description
cookielawinfo-checbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Talent Acquisition

Talent Management

Our Products

Our Services