Security

Checkbase is a due-diligence tool used by businesses, so we take the protection of your account and data seriously. This page explains the measures we have in place. We will keep it up to date as our practices evolve.

Accounts & access

  • Authentication is handled by Clerk, a specialist identity provider. We never see or store your password.
  • Multi-factor authentication is available on your account for an extra layer of protection.
  • Data is scoped to your organization. Members only see their own organization's checks, monitoring and billing, with separate admin and member roles.

Payments

  • Payments are processed by Stripe. Card details are entered directly with Stripe and are never stored on Checkbase servers.

Data & encryption

  • Traffic between your browser and Checkbase is encrypted in transit using HTTPS/TLS.
  • Our reports are built from official public registers and other sources. We aggregate and summarise that information rather than creating new personal records about individuals.
  • API keys are stored only as a hashed value and shown in full once, at creation. You can revoke a key at any time.
  • Privileged and account-changing actions are recorded in an internal audit log.

Privacy

We handle personal information in line with the New Zealand Privacy Act 2020. For how we collect, use and store information, please see our Privacy Policy.

Reporting a security issue

If you believe you have found a security vulnerability, please email us at support@checkbase.co.nz. We welcome responsible disclosure and will work with you to resolve genuine issues quickly.

Share your feedback

Help us improve Checkbase

How's your experience?