Information Security in Galgal

Data privacy is a must have requirement when we think about data in financial world and it cannot be considered as optional. Any information relating to an identifiable natural person is personal data and must be used or accessed by the person or the respective organisation that has declared in its privacy policy and agreed by the user. In India, the data privacy rules introduced in the form of Act in 2011 have been described strictly by some Indian and US firms. The rules require firms to obtain permission from customers before collecting and using their personal data. Personal information can be categorised as:
  • Direct identifiers refer to the information (set of data) that explicitly identify a person.
  • Name, PAN, Aadhar, Biometric data
  • Indirect identifiers refer to the information (set of data) that can be merged with additional data to identify a person
  • Financial data like Card numbers, account transactions
  • Tax details
  • Birth place and DOB
  • Medical records
When we capture the user data that has direct identifiers it becomes imperative that appropriate measures are put in place to adhere to the data protection laws that strictly regulate personal data processing.

Galgal being a fintech app, holds personal and financial data of the user. To assure data security for the user we adhere to a variety of data privacy techniques:
  • We segregate the data into direct and indirect identifiers
  • For direct and indirect identifiers, we follow dynamic data masking & pseudonymization techniques to assure the data privacy
  • Our APIs are highly secure and use Secure Sockets Layer for communication between application and backend services. This ensures data is encrypted while in transit
  • In addition, our databases are also encrypted to ensure data security while at rest
  • Our network, infrastructure and application has undergone a rigorous vulnerability and penetration testing (VAPT) and a number of security techniques have been implemented to ensure that user’s data that they view on the app is also adequately protected
  • At an organization level too, we ensure that we have well documented and implemented governance measures, policies and processes that align to ISO 27001 information security standards.

At Galgal we take data privacy and confidentiality very seriously. Just one of the ways we help remove stress out of your money management.

Download Now