Our approach to compliance

We understand the value that our platform adds to our customers’ business. We have built the platform with an industry leading cloud service provider, AWS, to ensure it is available and works as expected. They make reasonable efforts to deliver 99.9% or higher uptime, so our customers can feel confident.

Our compliance program and certifications

Our platform and business practice regularly undergo independent verification of their security, privacy, and compliance controls, achieving certifications, attestations of compliance, or audit reports against international standards.

ISO 27001:2013

ISO 27001:2013 Certification

ISO 27001 is the best known international standard for information security management systems (ISMS). It supports organisations to manage information security in line with its business, contractual, regulatory requirements and risk management process.

Organising information security is a complex task. An ISMS is an effective way to protect the information by ensuring its confidentiality, integrity and availability.

Download certificate

SOC2

SOC2 certification

The American Institute of Certified Public Accountants (AICPA) has developed a Trust Services Criteria to audit controls over the security, availability, processing integrity, confidentiality and privacy of information for third-party service providers.

A SOC2 Type 1 report provides details on the suitability of the design controls and implementation to the Marketplacer’s platform.

PCI-DSS

PCI-DSS Certification

The PCI Data Security Standard is an international standard that provides the technical and operational requirements designated to protect payment data. The standard is regulated and maintained by the PCI Standards Security Council.

Marketplacer’s platform has been assessed with a PCI DSS self-assessment questionnaire (SAQ), which applies to card-not-present merchants that have fully outsourced all cardholder data functions to PCI DSS third party service providers.

Risk management program

Our platform and business practice regularly undergo independent verification of their security, privacy, and compliance controls, achieving certifications, attestations of compliance, or audit reports against international standards.