Information Security

Strong information security is the foundation of every great software experience. That’s why we treat it as a shared responsibility across our people, processes, and technology.

ISO 27001

Your trust matters to us. That’s why we’ve gone the extra mile to earn ISO/IEC 27001 certification, a globally respected standard for information security. It shows we’ve built strong processes to protect your data.

Currently, our certifications cover our Financial management software and 24SevenOffice companies.

Report a security or privacy vulnerability

If you’ve spotted a vulnerability, threat, or any issue related to security or privacy in our services, we’d really appreciate hearing from you. Every report helps. Keeping our products and your data safe is a priority for us.

How to report it

1. Send us an email at vulnerabilities(a)finago.com.
2. What to include:
   • Product name and version (if known)
   • URL, if it’s a browser-based service
   • A description of the issue and its potential impact
   • Steps to reproduce the issue, if needed
3. If your message contains sensitive information, we recommend encrypting it. You can also ask us first to send you an encrypted email, so you can reply securely.

How we handle reports

Our security team reviews all reports confidentially, working with product development and support teams as needed. We’ll keep you updated as we investigate. To protect our customers, we don’t typically publicly confirm or disclose vulnerabilities, until they’ve been resolved and updates are in place.

Please note that we’re not currently running a public bug bounty program.