The safety of your data and transactions is our top priority.
- FCA regulated
Pollen Technologies Ltd is authorised by the Financial Conduct Authority under the Payment Service Regulations 2017 (firm reference no. 768011).
- Safeguarded bank accounts
Your money is held in separate accounts with tier one banks. In the unlikely event of Pollen ceasing to exist, your money remains protected.
- Physical security
Our service operates on Amazon Web Services (AWS) which is certified under a number of global compliance programmes which underlines best practices in terms of data centre security.
ISO 27001 Information Security Management Controls
ISO 27018 Personal Data Protection
For the full list of AWS compliance programs see: https://aws.amazon.com/compliance/pci-data-privacy-protection-hipaa-soc-fedramp-faqs/
More information about AWS data centre controls may be found here: https://aws.amazon.com/compliance/data-center/controls/
- Network security
We have dedicated systems in place to protect against Distributed Denial of Service (DDoS) attacks as well as man-in-the-middle attacks. We use reputable registrars to protect against domain hijacking and “phishing” attacks.
Our platform undergoes regular penetration testing and has protection in place against common vulnerabilities like code injection attacks and cross-site scripting attacks.
- Information security
We comply with best practices and regulations pertaining to the management of personal data under the European Union General Data Protection Regulation (GDPR).
All network traffic is encrypted at a transport level and confidential information is encrypted at rest. We use best practices in terms of encryption key storage and security.
- Strong Access Control
Our platform provides a role based, hierarchical security model with two-step authentication and multi-factor authentication for sensitive systems. All access is logged and audited for suspicious behaviour.