Security, Privacy and
Trust at Deserve


We take security seriously and maintain a comprehensive
approach across our people, processes and technology.



Our training and awareness programs ensure that security and privacy are at the core of all our engineering and operations. We also actively monitor, manage and continuously improve the security across Deserve.



Our robust security governance program includes strong access control, environment monitoring, security reviews as well as external penetration testing. We regularly enhance our security posture to better protect customer data.



Every facet of our AWS-based architecture and security operations is optimized to maximize security for data at Rest and in Transit. We deploy state-of-the-art threat response and device management tools to keep ahead of emerging threats.


We protect our customers’ financial data and personal
information as securely as we would our own.


Privacy by Design

Our products and offerings are designed with privacy in mind. We conduct Privacy Impact Assessments for all projects and enhancements.



Our employees only access personal data to the extent necessary to perform services, and we require all third party service providers to adhere to the same privacy practices.


Privacy Management

We have dedicated resources focused on maintaining compliance with the latest privacy protecting regulations and policies. We also perform regular internal audits of our privacy practices and train all employees on data privacy.

Trust & Compliance


We’re SOC 1 Type II and SOC 2 Type II compliant. We undergo annual examinations and testing by an independent audit firm, and the results confirm our design and operating effectiveness of internal controls for security across our business.


We’re a PCI DSS 3.2.1 compliant Level 1 merchant. We maintain compliance with the current version of the PCI Data Security Standard (DSS) in order to ensure safe and secure handling of credit card holder information.