SECURITY & TRUST
Built to be audited.
Floowed handles loan files, identity documents, and financial records. The platform is built so your security review is short and your auditors are comfortable.
THE POSTURE
Protected by default.
Security is not a tier or an add-on. Every account runs with the same controls, from first trial document to full production volume.
ENCRYPTION
- TLS for data in transit
- Encryption at rest
ACCESS CONTROL
- Role-based access
- Least privilege by default
- Scoped tokens
DATA PROTECTION
- PDPA-compliant
- GDPR-aligned handling
- Deletion and access requests supported
DATA HANDLING
- PII minimised
- Redacted in logs
- Defined retention
INFRASTRUCTURE
- Runs on Google Cloud
- Isolated environments
AUDIT LOGGING
- Every decision on record
- Every change versioned
- Every override attributed
GOVERNANCE
Governance is the product.
The same governance your risk team uses every day is the audit trail your reviewers ask for.
VERSION CONTROL
Every change to policy records who changed what, and when. Roll back to any prior version, any time.
FOUR-EYES APPROVAL
No policy ships unilaterally. Changes go live only after a second reviewer signs off.
DECISION RECORDS
Every approve, decline, and override stays on record, with reason codes attached.
EVERY DECISION · EVERY CHANGE · EVERY OVERRIDE · ON RECORD
YOUR SECURITY REVIEW
Three steps to sign-off.
01
Ask
Send your security questionnaire, or schedule a session with the team.
02
Review
Documentation under NDA, plus an architecture walkthrough with the people who built it.
03
Sign off
Data processing terms aligned to PDPA and GDPR, ready for your legal review.
Security documentation available under NDA on request.
Bring your security questionnaire.
We answer it properly: architecture, data flows, controls.