Security

1. Security approach

Zele uses layered technical and organisational controls intended to protect account data, maintain service availability, and reduce operational risk.

Security is integrated into development, deployment, and operational processes, with controls reviewed as the service evolves.

2. Access and account controls

Authentication and role-based authorisation controls are used to separate household data and limit access to sensitive actions.

• logical separation of account and household context;
• permission checks for privileged actions;
• administrative access limited to authorised personnel.

3. Network and infrastructure security

The service is intended to run over HTTPS to protect data in transit. Monitoring, logging, and operational safeguards are used to support platform integrity and continuity.

Infrastructure and application components are maintained through regular updates and operational review processes where practical.

4. Payment security

Subscription payments are processed by third-party payment providers. Zele does not store full raw payment card details on application servers.

Payment processors handle cardholder data under their own compliance obligations and contractual controls.

5. Incident response and disclosure

If you identify a potential vulnerability, please report it privately to [email protected] with clear reproduction details. We review and triage reports as a priority.

We ask that you avoid public disclosure until we have had reasonable time to investigate and apply mitigations where needed.

6. Shared responsibility

Security is a shared responsibility. Users should keep account credentials secure, use trusted devices where possible, and promptly report suspicious account activity.