MyRewards 100% uptime

Trust is built into everything we do.

We maintain clear policies, rigorous controls, and transparent processes to protect your data, ensure reliability, and operate with integrity.

200+
Documents
Policies, procedures & frameworks
24/7
Monitoring
Active monitoring and threat detection
99.94%
Uptime
Merchant API uptime
100%
Documented Controls
Security and operational controls

Security woven through every layer.

From the first line of code to the last mile of delivery, controls are designed in — not bolted on. Every system that touches your data is governed by documented policy, continuous monitoring, and independent review.

Encryption by default

Data is encrypted in transit and at rest with managed keys and strict rotation.

Continuous monitoring

24/7 threat detection, automated alerting, and a tested incident response runbook.

Least-privilege access

Role-based access, enforced MFA, and quarterly reviews keep entitlements tight.

Security operations center
Your data protected end to end

Your data, protected end to end.

Customer and cardholder data is isolated, minimized, and retained only as long as needed. Access is logged, reviewed, and revocable in real time.

  • Tokenized payments — raw card numbers never touch our application layer.
  • Regional data residency across the UAE, KSA, and wider GCC.
  • Tested recovery with documented RTO/RPO and routine restore drills.
  • Vendor due diligence on every third party that processes data.

Read the documents behind our controls.

Every policy below is a living document, reviewed at least annually. Select a card to open the full document.

Information Security Policy
Incident Management Policy
IT Risk Management Framework
Disaster Recovery Plan
Service Level Agreement (SLA)
Access Management Policies & Procedures
Data Protection & Privacy Policy
Business Continuity Plan
Acceptable Use Policy
Vendor & Third-Party Risk Policy
Encryption & Key Management Policy
Vulnerability Management Policy
Change Management Policy
Data Retention & Disposal Policy
Network Security Policy
PCI-DSS Compliance Statement
Anti-Money Laundering (AML) Policy
Vendor Code of Conduct