TRUST & SECURITY

At PAYCE Technology, we understand the paramount importance of trust in the digital realm. Our commitment to transparency, security, and reliability forms the cornerstone of our operations.

By using the PAYCE Parking Management Web App, you place your trust in us, and we take that responsibility seriously. We are dedicated to earning and preserving your trust through our unwavering commitment to security, privacy, transparency, reliability, user empowerment, and continuous improvement.

Core Principles

Limit Access

Access should be limited to only those with a legitimate business need and granted based on the principle of least privilege.

Consistency

Security controls should be applied consistently across all areas of the enterprise.

Wash, Rinse, Repeat

The implementation of controls should be iterative, continuously maturing across the dimensions of improved effectiveness, increased auditability, and decreased friction.

SOC 2 Type 2

PAYCE Technology maintains a SOC 2 Type II attestation. Our SOC 2 Type II report is available upon request.

Data Protection

Encryption at Rest

All datastores with customer data, including S3 buckets, are encrypted at rest. This means the data is encrypted so that physical access is not enough to read the sensitive information.

Encryption in Transit

All data in transit is encrypted using TLS 1.2 or higher. This means that data is encrypted as it travels between systems, ensuring that it cannot be intercepted and read by unauthorized parties.

Data Retention

TWe retain data only as long as necessary to provide our services and comply with legal requirements. Data that is no longer needed is securely deleted to minimize the risk of unauthorized access.

Data Access

Access to customer data is restricted to authorized personnel with a legitimate business need. All access is logged and monitored to detect and prevent unauthorized access.

Product Security

Secure Development

Our software development lifecycle includes security reviews, threat modeling, and secure coding practices to minimize the risk of vulnerabilities in our products.

Vulnerability Management

We conduct regular vulnerability assessments and penetration tests to identify and remediate security weaknesses in our products and infrastructure.

Incident Response

We have an incident response plan in place to detect, respond to, and recover from security incidents. Our team is trained to handle security events effectively and minimize impact on our customers.

Third-Party Security

We evaluate the security practices of our third-party vendors to ensure they meet our security standards and protect customer data. We require third parties to adhere to our security requirements and monitor their compliance.

Enterprise Security

Access Control

Access to systems and data is controlled through role-based access controls, multi-factor authentication, and other security measures to prevent unauthorized access.

Monitoring

We monitor our systems and networks for security events, anomalies, and threats to detect and respond to potential security incidents in real-time.

Compliance

We comply with industry standards and regulations to protect customer data and ensure the security and privacy of our services. We undergo regular audits and assessments to validate our security controls.

Training

Our employees receive security awareness training to educate them on security best practices, policies, and procedures. We empower our team to be vigilant and proactive in safeguarding our systems and data.

PAYCE Technology, is wholly owned by Mass Park, Inc. d.b.a. Valet Park of America and is incorporated in Springfield, Massachusetts. PAYCE Technology is a registered trademark of Mass Park, Inc. d.b.a. Valet Park of America. All rights reserved.