Trolley is certified as SOC 2® Type II compliant by The American Institute of Certified Public Accountants (AICPA) meeting SSAE-21 requirements.
We use end-to-end 256-bit SSL bank-level security. We believe in always-on TLS and maintaining data encryption while at rest and in motion. All passwords and API secrets are one-way hashed using Bcrypt with a factor of 10. API secrets are generated using cryptographically secure random number generators and represent over 128-bits of entropy.
We have built-in tokenization of all sensitive information such as bank account and debit card numbers, government IDs and social security numbers.
Our service operates on Amazon Web Services (AWS) which is certified under several global compliance programmes which underline best practices in terms of data centre security.
We comply with best practices and regulations about the management of personal data under:
Trolley is committed to protecting your personal information. For more details, please see our Privacy Policy
Your money, your data and your customer’s data are as important to us as it is to you.Trolley operates through multiple regulated entities depending on customer location:
Trolley takes data-security very seriously. We offer customizable security management settings and leverage bank-level encryption—so you can operate in full confidence.
