Last Updated: June 15, 2024

Security Policy

We take the security of your data seriously. Learn about the measures we have in place to protect your information and ensure the integrity of our platform.

Data Encryption

All data transmitted to and from our servers is encrypted using industry-standard TLS/SSL protocols. Data at rest is encrypted using AES-256 encryption.

Secure Infrastructure

Our platform is hosted on AWS with multiple security layers, including VPC, network ACLs, and security groups. We implement regular security updates and patches.

Authentication Security

We support multi-factor authentication and enforce strong password policies. OAuth 2.0 is used for secure broker connections without storing credentials.

Vulnerability Management

Regular penetration testing and vulnerability scans are conducted by third-party security firms. We have a responsible disclosure program for security researchers.

Our Security Commitment

At Stockey, security is a core part of our product, not an afterthought. We've built our platform from the ground up with security best practices in mind. Our team continuously monitors for threats and vulnerabilities, ensuring your data remains protected.

Data Protection

We understand the sensitive nature of financial data. That's why we never store your broker credentials. Instead, we use secure OAuth integrations to access only the data you explicitly authorize. All personal and financial data is encrypted both in transit and at rest using industry-standard encryption protocols.

Secure Development Practices

Our development team follows secure coding practices and conducts regular code reviews to identify and fix potential security issues. We utilize automated security scanning tools as part of our continuous integration pipeline to catch vulnerabilities before code is deployed to production.

Third-Party Security Audits

We undergo regular security assessments conducted by independent security firms. These include penetration testing, vulnerability scanning, and code reviews. We promptly address any findings to maintain the highest level of security for our platform.

Incident Response

We have a comprehensive incident response plan in place to quickly address any security incidents. Our team is trained to identify, contain, and remediate security threats. In the event of a security incident that affects your data, we will notify you promptly in accordance with applicable laws and regulations.

Compliance

Our security practices align with industry standards and regulations relevant to financial data. We regularly review and update our security measures to ensure compliance with evolving security requirements and best practices.

Security Recommendations for Users

To help ensure the security of your account, we recommend the following practices:

  • Use strong, unique passwords for your Stockey account
  • Enable multi-factor authentication
  • Keep your devices and browsers updated with the latest security patches
  • Be vigilant against phishing attempts - we will never ask for your password via email
  • Log out from your account when using shared devices
  • Regularly review your account activity for any suspicious behavior

Bug Bounty Program

We value the security research community's input and have established a responsible disclosure program for reporting security vulnerabilities. If you believe you've found a security issue, please contact us at [email protected]. We commit to investigating all legitimate reports and addressing any vulnerabilities promptly.

Have security concerns?

Our security team is available 24/7.

Related Documents

Privacy PolicyTerms of Service