SECURITY POLICY
Access Controls
Separate access controls are enforced at each layer of the Dyme Digital Inc. (“Dyme”) infrastructure. Customer data is accessible only to employees whose job functions require it. All application and user access logs are stored centrally and monitored.
Traffic Controls
The Dyme website only allows client requests using TLS protocols. Communication between Dyme’s infrastructure and financial institutions is transmitted over encrypted tunnels.
Secure Data Storage
Dyme does not touch or store sensitive credit card data. When a customer links their card through our site, our partner, Fidel API, encrypts details with bank level security encryption and creates a token ID that Visa, Mastercard, Amex, and other credit and debit card providers can use to let us know when a consenting customer transaction is made. Our third-party card linking processor, Fidel API, has their security processes here: https://fidelapi.com/legal/security