Weld logo

Built & designed for data security and privacy

Customer trust and data security are central to everything we do at Weld. From the way we build our products, to the way we think about our customers data. Find out how we keep your data secure.

Audited by the best in business

DeloitteSensibaEchelon

Upholding industry-leading security standards

SOC 2

SOC 2 Type II

Weld is SOC 2 Type II compliant, meaning that the way we process and store client data is secure and protected, based on standards set by the AICPA.
ISO

ISO

All Weld servers are ISO-certified and located in Frankfurt. Additionally, back-ups are filled in different locations.
SSL

SSL

We secure our codebase and have SSL encryption further protect your data against a broad range of attacks.
2FA

Authentication

By using state-of-the-art authentication technology, we offer two-factor authentication and our role-based access out of the box.

Compliant with GDPR (& CCPA)

Weld is designed to not store any personal identifiable information during data synchronization. We recognize that it’s important to be compliant with modern data privacy practices, and we have no interest in neither data storing or data profiling, as we exist to move data - not store data.


Please see a link to our Data Processing Agreement and Privacy Policy in the footer of this website.

Data encrypted in transit & at rest

Weld uses recent SSL and TLS versions for all connections between systems. From your browser to the Weld application, from our servers to your data warehouse or SaaS application, as well as internally between our own services and databases.


Our own core backend application is located in our HIPAA-compliant AWS deployment, where our servers are in a private subnet without connection to the Internet.


The data pipeline at Weld is fully encrypted in transit and at rest, using the in-memory data structure store Redis running our ephemeral workers. We do therefore not see the data we are moving.

Best practices for developing secure software

Weld is built by a team of engineers with deep experience in building banking-grade security at Pleo, and we are committed to having Weld as a data company to apply the same high standards.


This goes across Welds operations, product, and development of which we have built with staging and production environments, encrypted credentials separated from code, and “infrastructure-as-code” that eases auditing and permits fine-grained access to cloud resources.


In addition, we always use 2-factor authentication and secure password generators internally.