← VAMELAONE
Company · Trust

Boring is
a feature.

VAMELA LTD provides gateway and integration technology. We do not hold, process, or settle client funds - those activities are performed by the licensed partners we connect to. What we do operate, we operate carefully.

01

SOC 2-aligned controls

Access reviews, change management, logging, and incident response governed by documented controls.

02

ISO 27001-aligned ISMS

Information security management system covering people, process, and technology end-to-end.

03

GDPR & DPF

EU/UK GDPR-aligned data handling with standard contractual clauses for international transfers.

04

Encryption by default

TLS 1.2+ in transit, AES-256 at rest. Secrets are vaulted; credentials are short-lived.

05

Regional residency

EU, UK, US, SG data residency selectable per workload. No silent cross-region copies.

06

Not a regulated FI

We are a technology provider - not a bank, payment institution, or e-money institution. Funds remain with licensed partners.

Responsible disclosure

Found a vulnerability? Email sales@vamelaone.com with the subject "Security". We acknowledge within 24 hours and credit researchers in our hall of fame on request.