Guides
Free SignupLogin to DashboardCustomer Support
  1. Security, Privacy & Compliance

Data Encryption

Nuitee Connect uses industry-standard encryption mechanisms to protect data both in transit and at rest. Encryption is a core control to ensure the confidentiality and integrity of customer data processed through the platform.

Encryption in Transit

All data transmitted to and from Nuitee Connect APIs is encrypted in transit using TLS (Transport Layer Security).

Key points:

  • All API endpoints are accessible exclusively over HTTPS
  • TLS is enforced for all external and internal service communication
  • Weak or deprecated cryptographic protocols and ciphers are disabled
  • Certificates are managed and rotated in accordance with industry best practices

This ensures that data cannot be read or modified by unauthorized parties during transmission.

Encryption at Rest

Data stored by Nuitee Connect is encrypted at rest using strong, industry-standard encryption algorithms.

This includes:

  • Databases
  • Backups
  • Log storage systems

Encryption at rest protects data in the event of unauthorized access to underlying storage systems.

Key Management

Cryptographic keys used for encryption are:

  • Managed using secure key management systems provided by trusted infrastructure providers
  • Protected against unauthorized access
  • Rotated periodically or upon security events, where applicable

Nuitee Connect does not expose encryption keys to customers or external parties.

API Keys and Secrets

Customer access to Nuitee Connect is secured using API keys and related credentials.

Security measures include:

  • API keys are generated securely
  • Keys are stored in encrypted form
  • Keys are never transmitted in URLs
  • Customers can rotate or revoke keys if compromise is suspected

Customers are responsible for keeping their API keys confidential and secure.

Payment Data Encryption

Nuitee Connect does not handle raw payment card data.

Where payment-related data is involved:

  • Sensitive payment details are encrypted and processed directly by PCI-compliant payment providers
  • Nuitee Connect systems are isolated from cardholder data environments

Customer Responsibilities

Customers are responsible for:

  • Ensuring secure transmission of API requests from their systems
  • Protecting API keys and credentials
  • Applying encryption and access controls within their own infrastructure