Legal

Security

How we protect your platform and data.

Last updated: June 19, 2026

1. Our approach

Security is built into the design of UnicyVinci. We apply reasonable technical and organizational measures to protect the confidentiality, integrity and availability of your data.

2. Hosting and infrastructure

The platform is hosted on a recognized cloud infrastructure (DigitalOcean, Canada). The infrastructure is managed according to industry best practices.

3. Encryption

Communications with the platform are encrypted in transit (TLS/HTTPS).

4. Data isolation (multi-tenant architecture)

Each client's data is isolated through a multi-tenant architecture with separate schemas, so that one client cannot access another's data.

5. Access controls

Access to systems is limited to authorized personnel, on a least-privilege basis. Sensitive actions are logged.

6. Payments

Payments are processed by Stripe, which is PCI-DSS certified. We do not store credit card numbers on our servers.

7. Backups and continuity

Regular backups are performed. We aim to be able to restore the service in the event of an incident.

8. Incident management

In the event of a confidentiality incident presenting a risk of serious harm, we apply a response process, notify affected individuals and the competent authority, and record the incident, in accordance with Law 25.

9. Responsible disclosure

If you discover a vulnerability, please report it responsibly to [email protected]. We will review your report and respond within a reasonable timeframe. Please do not exploit the vulnerability or access data that does not belong to you.

10. Contact us

[email protected] — Unicy, Montreal, Quebec, Canada