PIPEDA Compliance

Settle* operates in strict compliance with the Personal Information Protection and Electronic Documents Act (PIPEDA). We understand that your financial data is sensitive, and we treat it with bank-grade security.

Compliance Highlights

• Data Residency: All user data is stored and processed within Canada (AWS ca-central-1 region) to ensure it remains subject to Canadian privacy laws.
• Encryption: Sensitive data is encrypted at rest using AES-256 and in transit using TLS 1.3, the same standards used by major financial institutions.
• Access Control: Strict role-based access ensures only authorized underwriting staff can view your sensitive documents during the approval process.
• Retention: We retain financial records only as long as required by law (7 years), after which they are securely destroyed.

Accountability

We have designated a Privacy Officer who is responsible for our compliance with PIPEDA principles. If you have questions about our handling of your personal information, please reach out to us.