Boring is
a feature.
VAMELA LTD provides gateway and integration technology. We do not hold, process, or settle client funds - those activities are performed by the licensed partners we connect to. What we do operate, we operate carefully.
SOC 2-aligned controls
Access reviews, change management, logging, and incident response governed by documented controls.
ISO 27001-aligned ISMS
Information security management system covering people, process, and technology end-to-end.
GDPR & DPF
EU/UK GDPR-aligned data handling with standard contractual clauses for international transfers.
Encryption by default
TLS 1.2+ in transit, AES-256 at rest. Secrets are vaulted; credentials are short-lived.
Regional residency
EU, UK, US, SG data residency selectable per workload. No silent cross-region copies.
Not a regulated FI
We are a technology provider - not a bank, payment institution, or e-money institution. Funds remain with licensed partners.
Found a vulnerability? Email sales@vamelaone.com with the subject "Security". We acknowledge within 24 hours and credit researchers in our hall of fame on request.