Security
Secured by Wayroll
Wayroll is built with multiple layers of advanced security to protect your financial data.
Never expose your credentials.
Wayroll will never store your banking information. Instead of asking for and storing your corporate account credentials, Wayroll uses revocable tokens to access your data via secure APIs.
Read-only access.
Wayroll will never modify your data in external systems. Your financial data is accessed read-only, to analyze patterns on your behalf and provide you with unique operating insights.
User-level admin controls.
Grant access to individual users and departments, giving permissions based on need. Whether you want to give access to specific product lines only, or the ability to make edits vs. read-only, you can be confident in the security of your permissioned data.
Best-in-class platform availability.
The Wayroll platform availability SLA is 99.5%. We have advanced alerting and monitoring systems for both security and uptime. Engineers are on call 24/7 in case any problems are detected.
World-class infrastructure.
Wayroll was designed and engineered with security, compliance and availability top of mind. We employ a number of technical, organizational and physical safeguards designed to protect your financial data.
Multi-factor authentication
Two-factor authentication can be enabled using TOTP tokens or access codes delivered via email.
Built for compliance
Coming soon: SOC 2 Type I and SOC 2 Type II certifications so you can be confident your data is safe.
Data stored in USA
Data is stored encrypted in the USA. Reach out to support if you have requirements for a different region.
Encryption at rest
We safeguard your information by encrypting data at rest to prevent unauthorized access.
TLS
System-to-system communication uses TLS, a protocol designed for privacy and data security.
Database backups
Data is backed up nightly, so you can rest easy knowing you will not lose access to your data.
Data Policy
At Wayroll, we are committed to complying with GDPR, CCPA, PECR and other privacy regulations on our website and on our financial analytics product. The privacy of your data — and it is your data, not ours! — is a big deal to us.
Our guiding principle is to collect only what we need and that we will solely process this information to provide you with the service you signed up for.
You own all right, title, and interest to your data. We obtain no rights from you to your data. We do not collect and analyze personal information from your data. When using Wayroll, you 100% own and control all of your data. We don’t sell or share your data to any third-parties.
We minimize data collection in general. We obtain only the essential data points from your billing system and transactions and nothing else.
We take many measures to protect and secure your data through backups, redundancies, and encryption. When you use our service, Wayroll will not utilize your financial or customer information. You entrust us with your data and we take that trust to heart. You agree that Wayroll may process your data solely to provide our analytics product and for no other purpose.
You can choose to delete your account and all associated data at any time. We provide simple no-questions-asked deletion links. All information will be permanently deleted immediately when you go through this process. We cannot recover this information once it has been permanently deleted.
We go into further detail on how your data is secured, how we minimize data collection, and our strong stance on privacy in the following documents:
We encourage you to read them and reach out to support if you have any questions or concerns.