Security & Compliance

At RootFi, we’re serious about security. We are committed to maintaining the highest privacy, security and compliance standards for you and your clients’ sensitive information.

ISO/IEC 27001:2013

RootFi is ISO 27001:2013 certified. ISO/IEC 27001 is the leading international standard for information security management systems.


RootFi is SOC 2 Type II compliant. SOC 2 compliance is part of the AICPA's Service Organization Control reporting platform. Our SOC 2 compliance consists of an independent audit report that details information and tests five principles: security, availability, processing integrity, confidentiality, and privacy.


RootFi is GDPR compliant. The General Data Protection Regulation (GDPR) is the world's toughest privacy and security law. Though it was drafted and passed by the European Union (EU), it imposes obligations onto organisations anywhere, so long as they target or collect data related to people in the EU.

Data encryption

RootFi utilises best-in-class encryption protocols to keep your data safe. All data is encrypted at rest using 256-bit Advanced Encryption Standard (AES-256) encryption. When in transit, all data is encrypted using Transport Layer Security (TLS 1.2).

Platform Infrastructure

An all-in-one customer service platform that helps you balance everything your customers need to be happy.

Penetration Testing

RootFi conducts regular penetration testing with our compliance partner. We also scan our Docker containers for known vulnerabilities.

Employee Device Security

RootFi uses an industry-leading mobile device management provider to manage patches, security policies and other vulnerabilities on all employee devices. RootFi ensures all employee devices are fitted with anti-virus and malware detection systems.