We have spent much effort to this aspect, which is definitely very important.
We have invested and developed a Security Management function which, together with an external security company, led us to set everything up immediately at a high level. The Security Manager is hired directly by us and helps us to check and update the whole system, in real time, every day.
The technological part of the backend is managed, for us, by an extremely qualified provider and is based on sophisticated approaches and on high profile consolidated tools (Microsoft's Azure, for example) of which we have remote control, in order to have always active the so-called 4-eyes principle also in this area.

We can say that Weople achieved a high security standard thanks to high-level procedures and strong technical precautions. These includes our IPS (Intrusion Prevention System), IDS (Intrusion Detection System) and DLP (Data Loss Prevention).
This high level of security has been achieved, among other things, thanks to a complex encryption that all information undergoes before being saved in our area on Microsoft's Azure server.
To ensure adequate security by design, data is separated into different databases, in different tables. Furthermore, sensitive personal data is tokenised, that is transformed within the database through encryption in a string that cannot be reconstructed because with a random seed, so without a fixed encryption rule. The data represented by the "tokens" and the respective keys are divided and saved in separate servers. Also, thanks to strict internal security procedures, we have been granted an advanced degree of security of our IPS, IDS and DLP systems. The security of the Weople platform also applies to internal operators and is codified in rigid practices and procedures: for example, the same Weople operators do not have access to database information, which is in constant encryption status and which, only if necessary, they can be extracted and reconstructed through complex processes and monitored automatically, which return, in different steps, the unencrypted data.
These high security standards already refer to bank level certificates.