Privacy & security

Learn how we keep your data secure

Phished keeps your data safe: learn how we do that

Our core values

Phished is a cybersecurity company, and therefore the confidentiality, integrity and availability of customers' data is of paramount importance and the primary focus of our organization. Phished partners with some of the best cloud providers in the world to guarantee the best confidentiality, integrity and availability levels for our applications and customer data.

Pillars of our cybersecurity strategy

Information security that scales with you

Prevention

Security education & awareness training for internal staff members

Automated vulnerability scanning and private bug bounty program

Compliance

Phished is ISO 27001 certified

Application hosted on SOC2 certified infrastructure

Cloud Infrastructure Security

Network, perimeter and DNS protection by Cloudflare

Application hosted by leading cloud providers in the EU (Google and Microsoft)

Customer Data Protection

Encryption in-transit (TLS 1.2, TLS 1.3) and at-rest (AES-256)

Logical tenant separation

Disaster Recovery & Data Backup

Disaster Recovery scenarios tested annually

Production databases are highly available with read-only replicas and “Point In Time” restore enabled

Identity & Access Control

Role-Based Access Control (RBAC) for our application and infrastructure access

Multi-factor authentication is optional for our application and enforced for infrastructure access

Want to know more?

Additional resources

Download our security statement

Security statement

Read our privacy policy

Privacy policy

Read our cookie policy

Cookie policy

Download our ISO 27001 certificate

ISO Certificate

General Data Protection Regulation (GDPR)

Here is some key information on how we securely store your data.

1. What we're storing

We store only necessary information, as collected by you.

2. How we're storing it

We encrypt your data both at rest and in transit, and our site and storage processes are designed for security (you can learn more about how we store your data further down this page).

3. Who can access it

We have extensive internal access controls and regulations for the usecure team, who only have access to data under limited conditions.

You are able to restrict admin access to sensitive materials.

4. Our core standards

Our core compliance with the act means that:

We have full awareness of where any of your data is being held and when it is outside of the EU, ensuring appropriate compliance is in place.

We ensure that only those who require access to your data are able to access it, and we have the highest level of protection against unauthorised access.

We ensure you have the right to view, amend, export or delete any information that we hold on your behalf, including anything held by 3rd party services.

We ensure that consent is given during the sign-up process by all who use usecure, and we allow you to withdraw it at any time.

Frequently asked questions

If you have other questions we’re happy to help you at [email protected]

What compliance certifications does Phished have?

Phished has implemented and maintains one of the world’s best-known Information Security Management Systems, ISO/IEC 27001. We are fully certified as compliant with this standard. Our certificate registration number is 30050399, valid from 27/09/2024 to 26/09/2027, with a Statement of Applicability dated 13/08/2024 (version 2.0). In addition to ISO 27001, Phished holds an ISAE 3000 (SOC 2 Type II) report, a Cyber Essentials certificate, and operates in compliance with ISO/IEC 27701, NIS2, and DORA requirements. Phished is also fully GDPR compliant, ensuring that all data processing activities meet the strict requirements of the General Data Protection Regulation. Furthermore, we apply industry best practices in areas such as data encryption, access control, and secure development processes, ensuring the protection of customer data at all times. Read more on our compliance webpage.

How does Phished treat user privacy?

Does Phished perform audits or third party security reviews?

Where is user data stored?

How is the user data processed?
