Learn how we protect your data with military-grade encryption and security protocols
At WG, we implement bank-level encryption and comprehensive data protection measures to safeguard your personal information, financial data, and trading activities. Our security infrastructure matches and often exceeds the standards used by major financial institutions, ensuring your data remains confidential and secure at all times.
Encryption is the process of converting your data into a coded format that can only be accessed with the proper decryption key. We use multiple layers of encryption throughout our platform.
All data transmitted between your device and our servers is protected using TLS 1.3, the latest and most secure version of the protocol. This creates an encrypted tunnel for your data, preventing interception or tampering during transmission. When you see the padlock icon in your browser's address bar, it confirms this secure connection is active.
Our TLS implementation uses 256-bit encryption keys, which would take billions of years to crack using current computing technology. We regularly update our SSL/TLS certificates and only support secure cipher suites, automatically rejecting connections that attempt to use outdated or vulnerable encryption methods.
Your data doesn't just need protection while traveling; it needs to be secure when stored on our servers. We encrypt all sensitive data at rest using AES-256 encryption, the same standard used by governments for classified information. This means even if someone gained physical access to our servers, your data would be unreadable without the encryption keys.
We employ a sophisticated key management system where encryption keys are stored separately from the data they protect. Keys are rotated regularly and are themselves encrypted using hardware security modules (HSMs). This multi-layered approach ensures that your data remains protected even in the unlikely event of a security breach.
Beyond encryption, we implement numerous additional measures to protect your data throughout its lifecycle.
We follow the principle of data minimization, collecting only the information necessary to provide our services and meet regulatory requirements. Your data is never used for purposes beyond what you've explicitly agreed to. We don't sell your information to third parties, and we limit internal access to your data on a strict need-to-know basis.
Each piece of data we collect has a defined purpose and retention period. Once data is no longer needed, it's securely deleted using methods that prevent recovery. This reduces the attack surface and ensures that even historical data can't be compromised.
Access to customer data is tightly controlled and monitored. Employees can only access the specific data necessary for their role, and all access is logged and regularly audited. We use multi-factor authentication for all internal systems, and access permissions are reviewed quarterly to ensure they remain appropriate.
Our systems employ role-based access control (RBAC) with the principle of least privilege. This means employees have the minimum level of access necessary to perform their duties. Any attempt to access data outside of assigned permissions triggers immediate alerts to our security team.
Your data is logically separated from other customers' data using advanced database segregation techniques. This ensures that even in the event of a software bug or misconfiguration, one customer's data cannot be accessed by another. We use separate encryption keys for each customer's sensitive data, adding an additional layer of protection.
Our infrastructure employs network segmentation to isolate different types of data and systems. Trading systems are separated from administrative systems, and both are isolated from public-facing services. This compartmentalization limits the potential impact of any security incident.
Our security extends beyond digital measures to include robust physical and infrastructure protections.
Our servers are housed in world-class data centers that meet the highest security standards. These facilities feature 24/7 security personnel, biometric access controls, security cameras, and intrusion detection systems. Access to server rooms requires multiple forms of authentication and is limited to authorized personnel only.
The data centers maintain redundant power supplies, climate control, and fire suppression systems to ensure continuous operation and data protection. They're strategically located to minimize risks from natural disasters and are compliant with international security standards including ISO 27001 and SOC 2.
Our network architecture implements defense in depth, with multiple layers of security controls. We use enterprise-grade firewalls, intrusion detection and prevention systems (IDS/IPS), and distributed denial-of-service (DDoS) protection to defend against external threats.
All network traffic is monitored in real time using advanced threat detection systems that use machine learning to identify unusual patterns or potential security threats. Our security operations center (SOC) operates 24/7, with security analysts ready to respond to any incidents immediately.
We maintain compliance with international security standards and undergo regular audits to verify our security measures.
We comply with all relevant data protection regulations including GDPR, CCPA, and financial industry standards. Our compliance team stays current with evolving regulations and ensures our practices meet or exceed all requirements. This includes providing you with rights regarding your data, such as the ability to access, correct, or delete your personal information.
We undergo annual security audits by independent third-party firms who test our systems and verify our compliance with industry standards. These audits include penetration testing, vulnerability assessments, and reviews of our security policies and procedures. The results help us continuously improve our security posture.
Our platform maintains several important security certifications that demonstrate our commitment to data protection. These include PCI DSS compliance for payment card data, ISO 27001 certification for information security management, and SOC 2 Type II attestation for security, availability, and confidentiality.
These certifications require rigorous testing and ongoing compliance monitoring. They provide independent verification that our security controls are properly designed and operating effectively. We make our certification reports available to enterprise clients upon request.
Despite our comprehensive preventive measures, we maintain a robust incident response plan to handle any potential security events.
Our security incident response team is trained to handle potential security events quickly and effectively. The team includes security engineers, forensic analysts, legal counsel, and communication specialists who work together to contain, investigate, and remediate any incidents.
We conduct regular incident response drills to ensure our team is prepared for various scenarios. These exercises help us refine our procedures and ensure rapid, coordinated responses to any security events.
In the unlikely event of a security incident that affects your data, we commit to transparent and timely communication. We will notify affected users within 72 hours of discovering a breach, as required by regulations, and often much sooner. Our notifications will clearly explain what happened, what data was potentially affected, and what steps we're taking to address the situation.
We also provide guidance on steps you can take to protect yourself and offer support services such as credit monitoring when appropriate. Our goal is to maintain your trust through honest, clear communication even in challenging situations.