top of page


We take security seriously here at SPCE, and we are proud to exceed the industry standard when it comes to protecting your organization.


We encrypt our customers' data — from login to logout — using the highest encryption standards available, including 256-bit SSL encryption. That’s the same technology banks use to keep your account information safe.

Industry standard security

State-of-the-art encryption technology

Your data is transferred with high-grade TLS and multi-layered encryption at rest with AES-128 — the industry-standard for commercial applications. Encryption keys are stored separately from the data, and it’s all hosted in our off-site, secure cloud infrastructure.

Data center security

Our server hosting locations are physically secured, staffed 24 hours a day, 7 days a week, 365 days a year by trained security guards who’ve undergone a thorough auditing process.


Two-factor authentication

Access to sensitive data requires two-factor authentication and is restricted only to authorized personnel performing specific tasks for the client (e.g. customer service).

continuous monitoring

In-house monitoring

Every day, our in-house security team reviews every security aspect of SPCE.

3rd party testing

Our site and API are subjected to independent, ongoing penetration testing, security scans, threat detection and greybox assessment by well-respected cyber security firms including Synack, IncludeSecurity, and Qualys.

Real-time audit log

We also keep a real-time audit log of all data access and changes made by administrators, customers, employees and our automated system.



Our system spans numerous physical locations, with N+1 or greater redundancy to establish resilience for all components.


We store backups in multiple secure locations and update them throughout the day, every day.


Our technology ensures high availability of your information: 99.9% uptime (with security in mind).

SPCE and the EU General Data Protection Regulation (GDPR)

SPCE is committed to helping our users understand the rights and obligations under the General Data Protection Regulation (GDPR), which took effect on May 25, 2018.

We have introduced tools and processes to ensure our compliance with requirements imposed by the GDPR and to help our customers comply as well.

To learn more about how we comply with GDPR , please read our policies here.


If you think you may have found a security vulnerability within SPCE, please get in touch with our Security Team at:

bottom of page