Cyber Security & Digital Resilience

Seedrs takes cyber security and digital resilience seriously. We understand our users always expect our services to be available and their data to be kept secure. We work hard to manage security risks and stay ahead of possible threats by maintaining focus on the following areas.

1. Secure code development
Our code is developed with OWASP Top 10 in mind and reviewed with automatic tools. We are committed to best practices for secure software development.

2. Data encryption
We use HTTPS by default, to protect information that our users transmit throughout the platform, in accordance with industry standards. Our internal policies require encryption of laptops to protect our data in case of loss or theft.

3. Availability and digital resilience
We have a high-availability solution that protects our infrastructure against Distributed Denial of Service (DDoS) attacks. Additionally, our services use a Web Application Firewall (WAF) that protects the platform from malicious activities that could compromise our data.

4. Two-Factor Authentication
We offer two‑factor authentication and strongly recommend it is used by our users for maximum security. We have made two‑factor authentication mandatory for all our employees to access critical business services.

5. Audits and penetration testing
We use recognised accredited third parties to perform information security audits. We perform regular penetration tests of our platform and internal networks across our offices. We also have an internal vulnerability management process with automatic scanning capabilities.

6. Third party security
Like many businesses, we use certain third‑parties to support the services we provide to our users. We ensure that third parties are properly assessed in line with our security, outsourcing and data residency policies and procedures, and reviewed on a regular basis.

7. Incident and vulnerability reporting
We strive to implement high standard of cyber security and digital resilience, but incidents or vulnerabilities may occur. If you would like to report or provide feedback on any issue please contact our Information Security Director on security@seedrs.com. We treat any such report or feedback as high priority and will address them as soon as possible.

8. Payment security
When you make a payment using Seedrs, we use a third-party provider, Stripe. Stripe has been audited by a PCI-certified auditor and is certified to PCI Service Provider Level 1. This is the most stringent level of certification available in the payments industry. They make use of best-in-class security tools and practices to maintain a high level of security at Stripe. Full details can be found here.

9. Industry collaboration
We work closely with other peers and organisations that meet industry standards, to improve our cyber security and digital resilience. We often take part in security forums, conferences and private discussion groups to stay ahead of threats to our business.

10. Human resources security
Seedrs employees receive security awareness training on an ongoing basis, and are required to adhere to our information security procedures. Any incidents of non-compliance are dealt with by our Information Security Director, who has full access to the Seedrs Board.

Investing involves risks, including loss of capital, illiquidity, lack of dividends and dilution, and should be done only as part of a diversified portfolio. Please read the Risk Warnings before investing. Investments should only be made by investors who understand these risks. Tax treatment depends on individual circumstances and is subject to change in future.

This campaign for has been approved by Seedrs Limited (trading as Republic Europe) ("Republic Europe", "us" or "we"), as of [DATE OF APPROVAL] as a financial promotion. Republic Europe is authorised and regulated by the Financial Conduct Authority with firm reference number 550317. In approving this campaign, Republic Europe has concluded that the information, taken as a whole, is "fair, clear and not misleading." This means that for factual statements we have reviewed evidence of their accuracy, and that for aspirational statements we believe they are phrased appropriately in light of their speculative nature. You should note that in the case of factual statements, the evidence we review is provided by the business, and we do not audit it, which means that we may not be able to identify forged or altered evidence. You should further note that in the case of aspirational statements, the nature of the type of businesses presented on the Republic Europe platform is such that they are likely to have high ambitions, and we may approve statements that convey those ambitions even where we do not believe, or we do not have a view on whether it is likely, that they will be fully realised. The pre-money valuation and investment sought in the campaign are those set by the business: they are not reviewed or established by us, and the valuation is not an independent view of what the business is worth. Given the nature and type of businesses presented on the Republic Europe platform, it is possible that the business has very little cash remaining prior to receiving this investment, and the investment sought may be necessary for the business's on-going existence.

Republic Europe does not make investment recommendations to you. No communications from Republic Europe, through this website or any other medium, should be construed as an investment recommendation. Further, nothing on this website shall be considered an offer to sell, or a solicitation of an offer to buy, any security to any person in any jurisdiction to whom or in which such offer, solicitation or sale is unlawful. Republic Europe does not provide legal, financial or tax advice of any kind. If you have any questions with respect to legal, financial or tax matters relevant to your interactions with Republic Europe, you should consult a professional adviser.