Cyber Security & Digital Resilience

Seedrs takes cyber security and digital resilience seriously. We understand our users always expect our services to be available and their data to be kept secure. We work hard to manage security risks and stay ahead of possible threats by maintaining focus on the following areas.

1. Secure code development
Our code is developed with OWASP Top 10 in mind and reviewed with automatic tools. We are committed to best practices for secure software development.

2. Data encryption
We use HTTPS by default, to protect information that our users transmit throughout the platform, in accordance with industry standards. Our internal policies require encryption of laptops to protect our data in case of loss or theft.

3. Availability and digital resilience
We have a high-availability solution that protects our infrastructure against Distributed Denial of Service (DDoS) attacks. Additionally, our services use a Web Application Firewall (WAF) that protects the platform from malicious activities that could compromise our data.

4. Two-Factor Authentication
We offer two‑factor authentication and strongly recommend it is used by our users for maximum security. We have made two‑factor authentication mandatory for all our employees to access critical business services.

5. Audits and penetration testing
We use recognised accredited third parties to perform information security audits. We perform regular penetration tests of our platform and internal networks across our offices. We also have an internal vulnerability management process with automatic scanning capabilities.

6. Third party security
Like many businesses, we use certain third‑parties to support the services we provide to our users. We ensure that third parties are properly assessed in line with our security, outsourcing and data residency policies and procedures, and reviewed on a regular basis.

7. Incident and vulnerability reporting
We strive to implement high standard of cyber security and digital resilience, but incidents or vulnerabilities may occur. If you would like to report or provide feedback on any issue please contact our Information Security Director on [email protected]. We treat any such report or feedback as high priority and will address them as soon as possible.

8. Payment security
When you make a payment using Seedrs, we use a third-party provider, Stripe. Stripe has been audited by a PCI-certified auditor and is certified to PCI Service Provider Level 1. This is the most stringent level of certification available in the payments industry. They make use of best-in-class security tools and practices to maintain a high level of security at Stripe. Full details can be found here.

9. Industry collaboration
We work closely with other peers and organisations that meet industry standards, to improve our cyber security and digital resilience. We often take part in security forums, conferences and private discussion groups to stay ahead of threats to our business.

10. Human resources security
Seedrs employees receive security awareness training on an ongoing basis, and are required to adhere to our information security procedures. Any incidents of non-compliance are dealt with by our Information Security Director, who has full access to the Seedrs Board.

Investing involves risks, including loss of capital, illiquidity, lack of dividends and dilution, and should be done only as part of a diversified portfolio. Please read the Risk Warnings before investing. Investments should only be made by investors who understand these risks. Tax treatment depends on individual circumstances and is subject to change in future.

This webpage has been approved as a financial promotion by Seedrs Limited ("Seedrs"), which is authorised and regulated by the Financial Conduct Authority. It is not intended to be a promotion of any individual investment opportunity and is not an offer to the public. The summary information provided about investment opportunities on this webpage is intended solely to demonstrate the types of investments available on the Seedrs platform, and any investment decision should be made on the basis of the full campaign. Full campaigns are available to investors who have become authorised to invest on the Seedrs platform. All investment activities take place within the United Kingdom, and any person resident outside the United Kingdom should ensure that they are not subject to any local regulations before investing.

Seedrs does not make investment recommendations to you. No communications from Seedrs, through this website or any other medium, should be construed as an investment recommendation. Further, nothing on this website shall be considered an offer to sell, or a solicitation of an offer to buy, any security to any person in any jurisdiction to whom or in which such offer, solicitation or sale is unlawful. Seedrs does not provide legal, financial or tax advice of any kind. If you have any questions with respect to legal, financial or tax matters relevant to your interactions with Seedrs, you should consult a professional adviser.