We keep your data secure

Fyle is committed to securing and encrypting all account, expenses, card, and employee information.
What's more, you have complete ownership of your data at all times.

Control your data, the way you’ve always wanted

/assets/images/product/security/user-authentication.svg
/assets/images/product/security/user-authentication.svg

User authorization

We facilitate the exchange of user authentication and authorization data across secure domains with Single Sign-on(SSO). Fyle uses SAML 2.0 to integrate with popular SSO services like Google, Facebook, Twitter, and LinkedIn.
/assets/images/product/security/password-encryption.svg
/assets/images/product/security/password-encryption.svg

Password encryption

All passwords are salted and hashed using SHA-256 cryptographic function. This is a one-way function and the original password is never stored at Fyle. We also encourage the use of strong passwords with a mix of alphabets, numbers and special characters.
/assets/images/product/security/gdpr-compliance.svg
/assets/images/product/security/gdpr-compliance.svg

GDPR compliance

Fyle has been GDPR compliant as of May 25th, 2018. We do not store any sensitive and personal information of our EU clients outside of EU allowed regions. All third-party services that Fyle uses are also GDPR compliant.
/assets/images/product/security/soc2.svg
/assets/images/product/security/soc2.svg

SOC 2 Certification

Fyle is now SOC 2 Type 1 and Type 2 certified. This means we have the infrastructure, controls, and processes to protect your data from unauthorized access from within and outside the firm. To learn more about the certification, click here.
/assets/images/product/security/ip-access-controls.svg
/assets/images/product/security/ip-access-controls.svg

IP access controls

Admin users are privy to almost all of your sensitive data, which can be taken advantage of. Fyle protects against any potential data breaches or threats by restricting access based on their IP address.
/assets/images/product/security/role-based-access.svg
/assets/images/product/security/role-based-access.svg

Role-based access

Each user is allocated a unique role as soon as they are added into Fyle. Each of these roles have visibility only to data that pertains to them. For example, a travel agent will only be able to view travel bookings that are assigned to them.
/assets/images/product/security/data-retention.svg
/assets/images/product/security/data-retention.svg

Data retention and control

We delete all our customers’ data 30 days after the termination of the contract. Our clients own their data and are free to take backups or export data in standardized formats (CSV,PNG, PDF,JPG) at any point of time.
/assets/images/product/security/vulnerability-testing.svg
/assets/images/product/security/vulnerability-testing.svg

Vulnerability testing

We routinely get our services checked by third-party vendors for any potential risks or susceptibilities every 6 months. They use industry standard Grey Box/Black Box testing and the results are shared on request.
/assets/images/product/security/auditor-role.svg
/assets/images/product/security/auditor-role.svg

Auditor role

Our auditor role allows you to keep your data safe during your auditing process. It allows read-only access to view the payments that are pending, in process or completed. This role can be disabled soon after auditing is done.
/assets/images/product/security/pci-compliance.svg
/assets/images/product/security/pci-compliance.svg

PCI DSS compliance

Fyle's PCI DSS compliance is an indication that we have the necessary safety protocols to store and process customer payment card information, without any risk.
/assets/images/travel-expense-management/slant-dot-pattern-top.svg

Know more about Fyle’s data architecture and security

/assets/images/travel-expense-management/slant-dot-pattern-bottom.svg
Get a demo