Privacy as the default setting

That's what we do at 🍰

Data privacy and security are at the core of what we do here at Cake

With large, high-profile customers all around the world, we are committed to keeping your data secure and continuously monitoring and improving our processes.

Privacy embedded into the design
We take a proactive approach to data protection and anticipate privacy issues and risks before they happen.This doesn’t just apply to systems design -- we’re proactively developing a culture of ‘privacy awareness’ across our organisation.
End-to-end security with full lifecycle protection
We put strong security measures in place from the beginning and apply this throughout the data lifecycle. We process data securely via encrypted infrastructures and destroy it when it’s no longer needed.
Visibility and transparency
We’re big believers in win-win scenarios, and we don’t believe that you need to sacrifice speed or usability to comply with privacy and security regulations. We make it easy for you to control who’s able to access and make changes to your data so that you can focus on growing your business.

Steps we take


  • We verify email addresses of all users
  • An activity log is kept for every transaction that changes data in your organization, with clear tracing available
  • You can control who can access and make changes to your data by assigning different levels of permissions to users within your organisation
  • Social sign on
  • Pro customers can also leverage further protocols such as Two-Factor Authentication (2FA)
    Enabling 2FA will require all accounts associated to your company to use 2FA (both company and team app).


  • Cake services and data are hosted with Amazon Web Services (AWS) in Australia in the ap-southeast-2 region.
  • Daily backups are performed, encrypted and stored in a secure location
  • Data at rest is encrypted using AES-256.
  • Data in transit is encrypted using SSL/TLS.

People & Platform

  • Our employees are all subject to strict confidentiality obligations and given security training to educate them on potential threats and how to keep themselves and the company safe
  • Our internal security and privacy protocols include only allowing a select group of employees to access customer data and ensuring that all employees use approved password managers
  • Any requests to change investor or option holder personal information are communicated to the company contact
  • Our access to critical infrastructure and services require 2FA

Sub processors page

  • Coming soon. Any questions please contact our Security Officer.