65 Harristown Rd, Glen Rock NJ info@capflowfunding.com (201) 842 - 7725
65 Harristown Rd, Glen Rock NJ info@capflowfunding.com (201) 842 - 7725
Funding Application

Security and Privacy at CapFlow Funding Group™

We care about security at CapFlow. 

Governance:

CapFlow Funding Group™ Compliance and Security teams establish policies and controls, monitor compliance with those controls, and prove our security and compliance to third-party auditors.

Our policies are based on the following foundational principles:

01.

Access should be limited to only those with a legitimate business need and granted based on the principle of least privilege.

02.

Security controls should be implemented and layered according to the principle of defense-in-depth.

03.

Security controls should be applied consistently across all areas of the enterprise.

04.

The implementation of controls should be iterative, continuously maturing across the dimensions of improved effectiveness, increased auditability, and decreased friction.

Security and Compliance at CapFlow Funding Group™

Commitment to Security

CapFlow Funding Group™ prioritize the security and privacy of our customers’ data. Our infrastructure and processes are designed to meet the highest standards, including adherence to SOC 2 compliance requirements. 

 

SOC 2 Compliance

We are committed to achieving and maintaining SOC 2 compliance, focusing on the Trust Services Criteria: 

  • Security: Protecting against unauthorized access. 
  • Availability: Ensuring reliable access to our services. 
  • Processing Integrity: Delivering accurate and timely processing. 
  • Confidentiality: Safeguarding sensitive information. 
  • Privacy: Managing personal information responsibly. 
 

Security Practices

Our security measures include: 

  • Data Encryption: All data is encrypted in transit and at rest using industry-standard protocols. 
  • Access Controls: Strict access controls ensure that only authorized personnel can access sensitive data. 
  • Monitoring: Continuous monitoring of systems to detect and respond to threats promptly. 
  • Regular Audits: Periodic assessments to evaluate the effectiveness of our security controls. 

Security Education

  • CapFlow Funding Group provides comprehensive security training to all personnel upon onboarding and annually through educational modules. All new engineers also attend a mandatory live onboarding session focused on secure coding principles and practices. 

Third-Party Assessments

  • We engage independent auditors to assess our compliance with SOC 2 standards. These assessments validate our commitment to maintaining robust security controls.

Incident Response

In the event of a security incident, we have a comprehensive response plan to address and mitigate potential impacts. To report a security concern, please contact us at security@capflowfunding.com

Continuous Improvement

Security is an ongoing priority. We regularly review and update our policies and practices to adapt to emerging threats and evolving industry standards. 

Privacy Policy and DPA