Built & designed for data security and privacy
Customer trust and data security are central to everything we do at Weld. From the way we build our products, to the way we think about our customers data. Find out how we keep your data secure.
Audited by the best in business
Upholding industry-leading security standards
SOC 2 Type II
Compliant with GDPR (& CCPA)
Weld is designed to not store any personal identifiable information during data synchronization. We recognize that it’s important to be compliant with modern data privacy practices, and we have no interest in neither data storing or data profiling, as we exist to move data - not store data.
Data encrypted in transit & at rest
Weld uses recent SSL and TLS versions for all connections between systems. From your browser to the Weld application, from our servers to your data warehouse or SaaS application, as well as internally between our own services and databases.
Our own core backend application is located in our HIPAA-compliant AWS deployment, where our servers are in a private subnet without connection to the Internet.
The data pipeline at Weld is fully encrypted in transit and at rest, using the in-memory data structure store Redis running our ephemeral workers. We do therefore not see the data we are moving.
Best practices for developing secure software
Weld is built by a team of engineers with deep experience in building banking-grade security at Pleo, and we are committed to having Weld as a data company to apply the same high standards.
This goes across Welds operations, product, and development of which we have built with staging and production environments, encrypted credentials separated from code, and “infrastructure-as-code” that eases auditing and permits fine-grained access to cloud resources.
In addition, we always use 2-factor authentication and secure password generators internally.