Security
How we protect your platform and data.
Last updated: June 19, 2026
1. Our approach
Security is built into the design of UnicyVinci. We apply reasonable technical and organizational measures to protect the confidentiality, integrity and availability of your data.
2. Hosting and infrastructure
The platform is hosted on a recognized cloud infrastructure (DigitalOcean, Canada). The infrastructure is managed according to industry best practices.
3. Encryption
Communications with the platform are encrypted in transit (TLS/HTTPS).
4. Data isolation (multi-tenant architecture)
Each client's data is isolated through a multi-tenant architecture with separate schemas, so that one client cannot access another's data.
5. Access controls
Access to systems is limited to authorized personnel, on a least-privilege basis. Sensitive actions are logged.
6. Payments
Payments are processed by Stripe, which is PCI-DSS certified. We do not store credit card numbers on our servers.
7. Backups and continuity
Regular backups are performed. We aim to be able to restore the service in the event of an incident.
8. Incident management
In the event of a confidentiality incident presenting a risk of serious harm, we apply a response process, notify affected individuals and the competent authority, and record the incident, in accordance with Law 25.
9. Responsible disclosure
If you discover a vulnerability, please report it responsibly to [email protected]. We will review your report and respond within a reasonable timeframe. Please do not exploit the vulnerability or access data that does not belong to you.
10. Contact us
[email protected] — Unicy, Montreal, Quebec, Canada