Trust & Security

Your data security and privacy are our top priorities

We maintain the highest standards of compliance with Canadian and US regulations.

Regulatory Compliance

Comprehensive Data Protection

We adhere to comprehensive data protection laws in Canada, the United States, and international standards

Canada

PIPEDA & Provincial Laws

Personal Information Protection and Electronic Documents Act (PIPEDA)

Governing private sector data collection, use, and disclosure

Quebec Law 25

Mandates sensitive data residency within Canada

Freedom of Information and Protection of Privacy Act (FIPPA)

Public sector privacy protection standards

United States

California Privacy Laws

California Consumer Privacy Act (CCPA)

Consumer rights to know, delete, and opt-out

California Privacy Rights Act (CPRA)

Enhanced consumer rights and data minimization

California Online Privacy Protection Act (CalOPPA)

Privacy policy disclosure requirements

SOC 2 & International Compliance

Built for enterprise-grade security from day one

SOC 2 Type II Ready

Our infrastructure is architected to meet and exceed SOC 2 Type II compliance standards from day one

GDPR Compliance

Platform built to be fully compliant with General Data Protection Regulation

Compliance Auditors

Controls and procedures developed with leading compliance auditors

Pre-Launch Architecture

Security-first approach ensures compliance readiness post-launch

Enterprise Standards

Built to meet the highest enterprise security and compliance requirements

Certification Ready

Infrastructure designed for seamless SOC 2 certification process

Data Residency & Sovereignty

Your data remains protected within compliant jurisdictions

Canada Data Residency

PIPEDA Compliance

Personal data can only be transferred outside Canada if the receiving country provides equivalent protection standards.

Quebec Law 25

Sensitive personal data must remain on servers physically located within Canada.

Cross-Border Transfers

All international data transfers are governed by contractual agreements ensuring comparable protection.

US Data Protection

California Privacy Rights

California residents have rights to know, delete, and opt-out of sale of personal information.

Data Minimization

We collect only the minimum data necessary for our services and clearly communicate purposes.

Breach Notification

Timely notification procedures in place for any security incidents affecting personal data.

Your Privacy Rights

Do Not Sell My Personal Information

California residents have the right to opt-out of the sale of their personal information

California Consumer Privacy Rights

Under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), California residents have the right to opt-out of the sale of their personal information.

Your Rights Include:
  • Right to know what personal information is collected
  • Right to delete personal information
  • Right to opt-out of the sale of personal information
  • Right to non-discrimination for exercising privacy rights
  • Right to correct inaccurate personal information
How to Exercise Your Rights

To opt-out of the sale of your personal information or exercise any other privacy rights, please contact us using the information provided below.

Email:privacy@quantpillar.com
Response Time:30 days
Verification Required
Application & Data Security

Multi-layered security approach to protect your data

Encryption in Transit

All data transmitted is encrypted using industry-standard TLS 1.2 or higher.

Encryption at Rest

Financial data and credentials encrypted at rest using AES-256 encryption standard.

Data Segregation

Logically segregated architecture ensures complete isolation from other customers.

Strict Access Controls

Access restricted to authorized personnel only, enforcing least privilege.

24/7 Monitoring

24/7/365 monitoring, anomaly detection, and real-time alerting to identify threats.

Incident Response

Robust procedures ensure prompt notification and mitigation of security breaches.

Data Governance

Comprehensive policies ensure responsible handling and processing of personal information.

Multi-Factor Authentication

MFA required for all employees accessing critical internal systems and tools.

Network & Infrastructure Security

World-class cloud infrastructure with enterprise-grade security

AWS Cloud Infrastructure

World-Class Security

Hosted on secure Amazon Web Services (AWS) providing resilient, high-availability environment with industry-leading physical and network security.

Infrastructure Resilience

Built on enterprise-grade cloud infrastructure designed for maximum uptime and security.

Continuous Monitoring

24/7/365 Monitoring

Comprehensive infrastructure monitoring with anomaly detection and real-time alerting systems.

Threat Detection

Advanced threat detection and automated response systems to identify and remediate potential security issues.

Third-Party Service Providers

We work with trusted partners who maintain the same high standards

We may engage third-party service providers for data hosting, analytics, and customer support. All service providers are contractually obligated to:

Maintain confidentiality
Implement security measures
Comply with privacy laws
Use data only for specified purposes
Report security incidents
Return or delete data when requested

Questions about our privacy practices?

We're here to help.

Privacy Officer

For privacy-related inquiries, data access requests, or to exercise your rights under applicable privacy laws.

Email:privacy@quantpillar.com
Response Time:Within 30 days
Verification:Identity verification may be required
General Inquiries

For general questions about our services or this Trust & Security page.

Email:Hello@QuantPillar.com
Website:quantpillar.com
Response Time:Within 2 business days

Last Updated: November 7, 2025

This Trust & Security page is reviewed and updated regularly to reflect our ongoing commitment to data protection and compliance with applicable laws.