Donut Assist Security Policy

Effective date “December 1, 2019“

We have gone above and beyond when it comes to storing your confidential data. In this section, we will thus expound on the measures taken by our engineers to ensure nothing bad happens to your data.

Privacy Practices

The information you provide us is never shared with an affiliated or unaffiliated third-party for the purpose of target-based advertisements. Our team is a strong supporter of online privacy and Donut has been designed from the ground up as a product which our own people will feel comfortable using. You can visit our privacy policy page to know more about this.

Infrastructure and Architecture

All of our systems are deployed within a private data-center in the cloud following the AWS Well Architected Framework with a special emphasis on the pillar of security and reliability. This means that you’re never going to lose your data and no one will be able to unsolicitedly access it.

Security of the Giants

You must have seen our obsession with security; when you’re dealing with financial data, no amount of security is too much (technically). Following the footsteps of the Giants in this area, we have deployed a Zero Trust, Segmented network architecture which means that no service can internally communicate unless it’s explicitly allowed to do so by an engineer. Network isolation implies that there is a clear delineation in the data traveling to and fro our systems in different environments without ever colliding with one another.


The entire Donut product ecosystem follows the concept of a tiered architecture and the principles of least privilege meaning that, at any given time, an API call or a host can do only the least amount of things required for it to function in line with the business requirements. 


Last, but certainly not least, we also follow some of the leading standards in key management, key rotation, encryption in transit and rest, and code auditing.

Systems’ Security

All of our code runs on machines; how do we ensure the security of the machine? We employ best-in-class anti-virus, anti-malware, file-integrity monitoring and intrusion-detection systems to ensure that our application runs only on the cleanest of hardware. Amazon’s shared responsibility model allows us to forget about the nitty-gritties associated with managing the actual hardware and its security, reliability and availability.