Appcharge Compliance Policy

Appcharge Compliance Policy
Appcharge is committed to keeping up with the latest compliance regulations and providing our publishers and player data with the best security and privacy. We continuously monitor and improve our compliance program as part of this approach. We highly prioritize security, compliance, and data protection in every product and technology-building step. We decided that by the end of July 2024, we will be audited and certificated with PCI level 2, Penetration Testing, GDPR, SOC 2 - Type 2, and ISO 27001. We partnered with Hub Security and EY as advisors and auditors.

PCI - level 2
From the start, it was very important for us in Appcharge to comply with the Payment Card Industry Data Security Standard (PCI DSS). Our systems are regularly audited to ensure compliance with PCI standards. Penetration testing is conducted to identify and address vulnerabilities.
Comsec and Hub Security certified us in January 2024 to comply with all the PCI level 2 requirements.

GDPR
General Data Protection Regulation (GDPR). GDPR compliance ensures the protection of the personal data of EU citizens. Appcharge is committed to saving and protecting all users' private information. We've implemented measures such as data encryption and consent management. Regular audits ensure continuous alignment with GDPR requirements.
Hub Security certified us in Feb 2024 that we comply with all the GDPR requirements.

SOC 2 - Type 2
Appcharge adheres to SOC 2 principles of security, availability, processing integrity, confidentiality, and privacy. Regular audits ensure ongoing compliance with SOC 2 requirements. We engage third-party auditors Hub Security and EY to perform rigorous validations to ensure compliance.
We started the official audit process at the beginning of March 2024 and will finish it by the beginning of June 2024.

Penetration Testing
Appcharge is committed to providing our publishers and player data with the best security and privacy. We have a very strong development team with extensive background in cyber security. Our entire infra was built with the highest data protection and security regard. As part of that, Penetration testing is conducted regularly to identify vulnerabilities in our systems. We employ certified ethical hackers to simulate real-world cyber attacks with our Comsec and Hub Security partners. Findings from penetration tests are fixed immediately.

We successfully completed a PT review in October 2023 and planned to have another two in 2024. Moving forward, we will run external Penetration test reviews twice a year.

ISO 27001
ISO 27001 certification validates our information security management system. We follow ISO 27001 standards to safeguard sensitive information. Periodic assessments and audits maintain our ISO 27001 compliance. Appcharge is working towards certification. The audit should start outlining the progress made and the next steps.
We will start the official audit process at the beginning of October 2024 and should finish it by the beginning of January 2025.