Skip to main content

Security

Security at Marketdata.ai


Marketdata.ai is built for finance, procurement, and market data teams at regulated firms. That means your IT security review comes before anyone signs in, so we document how sign-in, user lifecycle, hosting, and data protection actually work.

The summary below is what buyers usually need to explain during vendor review. For the underlying documents, ask us and we will share them directly.

Hosting and data residency

Marketdata.ai runs on EU-primary infrastructure with EU-first sub-processors, and is operated under Dutch law. Your data stays in the European Union. A current sub-processor list is available on request.

Authentication and access control

Enterprise single sign-on federates over SAML 2.0 or OpenID Connect, chosen per provider, with signed-assertion verification and domain-ownership proof. SCIM 2.0 lets your identity provider create and deactivate users automatically. Deactivating a leaver removes their access immediately and is written to the audit trail. Accounts also support two-factor authentication, least-privilege roles, and session inactivity timeouts.

Encryption and data protection

Traffic is encrypted in transit with TLS, and HTTPS is enforced with HSTS preload. Each customer account is logically isolated, with tenant scoping applied consistently across the application. Passwords are stored with bcrypt, and API tokens are held only as salted hashes.

Application security

Changes go through peer code review and a secure development process. Every change is scanned for known-vulnerable dependencies and run through static analysis before it ships, and we hold to a clean baseline on both. Sign-in, password reset, and API endpoints are rate-limited against brute-force attempts.

Privacy and GDPR

Marketdata.ai is built to align with the GDPR. A Data Processing Agreement is available, along with our sub-processor list. Customers can request export or deletion of their data. We align our controls to recognised security and privacy frameworks and are glad to walk your risk team through our current posture and roadmap.

Availability and disclosure

Marketdata.ai targets 99.9% monthly uptime. If you believe you have found a security issue, please contact us at support@marketdata.ai so we can investigate promptly. Our security contact is also published at /.well-known/security.txt.

Request our security documentation


Customers and prospects under evaluation can request our Data Processing Agreement, sub-processor list, and authentication and SSO security review. Send your security questionnaire and we will work through it with you.