Security FAQs

Effective Date: Dec 21st, 2024

At SpendShift, your security is our top priority. Below are answers to frequently asked questions about how we protect your account, personal information, and transactions.

1. How does SpendShift protect my personal and financial information?

SpendShift uses industry-leading security measures, including:

  • Data Encryption: Your information is encrypted during transmission (SSL/TLS) and at rest (AES-256).

  • Multi-Factor Authentication (MFA): Adds an extra layer of security to your account.

  • Role-Based Access Control (RBAC): Only authorized personnel can access your data, and only when necessary.

  • Secure Payment Gateways: All payments are processed through PCI DSS-compliant systems.

2. How can I make my account more secure?

We recommend these steps to enhance your account security:

  • Use a strong, unique password that includes a mix of letters, numbers, and special characters.

  • Avoid sharing your login credentials with anyone.

  • Regularly review your account activity for unauthorized transactions.

3. What should I do if I suspect unauthorized access to my account?

If you believe your account has been compromised:

  1. Change your password immediately.

  2. Contact SpendShift Support at contact@spendshift.io or through the app.

  3. Review your account activity and flag any suspicious transactions.

4. How does SpendShift detect and prevent fraud?

We use advanced fraud detection systems to monitor transactions and account activity in real time. These systems flag unusual behavior, such as:

  • Login attempts from unfamiliar locations.

  • Transactions that deviate significantly from your usual spending patterns.

  • High-value or multiple rapid transactions.


Any flagged activity is reviewed, and affected accounts may be temporarily locked to ensure your safety.

5. What happens if there’s a data breach?

If a data breach occurs, SpendShift will:

  1. Notify affected customers promptly, following regulatory guidelines.

  2. Provide information on what was compromised and steps you can take to protect yourself.

  3. Offer assistance, such as resetting passwords or monitoring your account for unusual activity.

  4. Conduct a thorough investigation to address vulnerabilities and prevent future incidents.

6. How does SpendShift handle my data?

We follow strict data protection protocols, including:

  • Collecting only the data necessary to provide our services.

  • Retaining data for as long as required by law or business needs.

  • Deleting or anonymizing data when it’s no longer needed.


For more details, see our Privacy Policy and Data Retention and Deletion Policy.

7. Does SpendShift share my data with third parties?

SpendShift only shares your data with trusted third-party providers necessary to deliver our services, such as payment processors. These partners are required to:

  • Use your data only for the intended purpose.

  • Comply with strict security and data protection standards.


We do not sell your data to third parties.

8. Is my payment information safe with SpendShift?

Yes, your payment information is secure:

  • Payment data is encrypted and stored only by PCI DSS-compliant providers.

  • SpendShift does not store your full payment card information on its servers.

9. How can I recognize phishing attempts?

Phishing attacks often try to trick you into providing personal information. To stay safe:

  • Verify the sender’s email address before clicking links or downloading attachments.

  • Avoid responding to emails, texts, or calls asking for your SpendShift credentials.

  • Always log in through the official SpendShift website or app.


If you receive a suspicious message claiming to be from SpendShift, report it to contact@spendshift.io.

10. What should I do if I notice a suspicious transaction?

If you see a transaction you didn’t authorize:

  1. Contact SpendShift Support immediately at contact@spendshift.io or through the app.

  2. Notify your bank or payment provider if the transaction involves your linked accounts.

  3. SpendShift will investigate the issue and help resolve it as quickly as possible.

11. How does SpendShift comply with security regulations?

SpendShift complies with:

  • PCI DSS: Ensures secure handling of payment data.

  • ISO 27001: Demonstrates adherence to high standards for data security and privacy.

  • AML and KYC Requirements: Implements anti-money laundering and identity verification processes to prevent financial crimes.

12. How does SpendShift handle security incidents?

We have a robust incident response plan that includes:

  • Immediate containment and investigation of the issue.

  • Communication with affected customers within 48 hours.

  • Actions to remediate the issue and prevent recurrence.


For details, see our Incident Response Policy.

13. How can I contact SpendShift about security concerns?

If you have questions or concerns about security, or if you’d like to report an issue, contact us:


We’re here to help and to ensure that your account and data are protected.