Security Bencompare app
Your data is safe and secure with Bencompare
At Bencompare, we are committed to provide services that we are proud to share with our family, friends, and people throughout the world. We are committed to security and are strong privacy advocates. Our Security and Privacy Principles guide the decisions we make at our company that help keep you safe and keep your information private.
We employ advanced security practices to keep your data safe. It is our responsibility to protect the data you entrust to us. Security isn’t just something we do, it’s the core of our business.
Your important personal information is encrypted and protected using industry-leading technology.
Our app and backend software are hardened against attacks – we work with third-party penetration testers to simulate attacks on our own systems.
Securing Your Data at Rest
Within our systems, all your documents are stored using AES-256 encryption with a uniquely derived key for each user following the recommendations of NIST Special Publication 800-132.
As with all systems such as ours, the security of your information depends on you. You must choose a strong password and you should never share your password with anyone.
We store the encrypted data only in secure data centres protected by 24/7 security. Your data is stored within the EU and protected by EU regulations.
Securing Your Data in Transit
All communications are encrypted via SSL using 2048-bit certificates and we require SSL and latest TLS on all communications.
We are implementing perfect forward secrecy so that even if someone eavesdrops on your communication, they will still not be able to decrypt the data in the event that our key is compromised.
Operational Procedures to Keep the Site Secure
We follow best practices to keep your data secure. In addition to severely restricting access to operational environments (including private keys), we regularly audit our environments and code for security issues and apply patches expeditiously.
We use commercial services that regularly check our site and we also use trusted security experts to probe and verify the security of our site on a regular basis. Our systems are audited on a regular basis against OWASP and ASVS standards to ensure optimal security.
Our data center partner and organisation both have ISO 27001 certification and regular audits are performed. Furthermore, we actively enforce penetration testing by external experts.
Administrative Access to Your Information
Because your security and privacy is paramount to us, we limit what access our administrators have to your account to the limited set of data necessary to help grant you access to your account and help you restrict access to your account in urgent circumstances. Our administrators can never see the contents of any documents that you upload without your prior explicit permission.
Sharing your data
When you share information with us, we use it to provide you the best deals.
We will always tell you what type of information we collect and how we use it.
You should never be surprised by what information we collect. We aim to make people aware of the information we collect and how it is being used to improve their mobile experience.