Security and privacy at InvestorHub.

Your data is kept private and secure across InvestorHub.

Our privacy principles.

At InvestorHub, we are committed to protecting your privacy. Our privacy principles guide the development of our products, processes and systems so you can rest assured your data is handled with the utmost care.


Our business is built on transparency, with a commitment to providing clear and consistent information on who has access to your data and how it's used. We process data in accordance with our terms and data protection agreements and clearly outline our processes through our privacy policy. As our policies are written with you in mind, you’ll be the first person to know when we update our privacy structure.

User first.

Our users are at the center of everything we do. That’s why we’ve designed effective privacy controls to put their interests first. We’re on a mission to embrace collaboration and to constantly evolve our privacy practices to better meet our users' needs.

Data ownership and control.

We adhere to strict data security protocols which means we do not share any data with third parties. By putting you in control of the users that have access to your account, our products and practices are designed to enable you to actively control and manage access to your data.

Our approach to security.

Billions of dollars of shareholder value is managed using our technology. We take this responsibility seriously and use a variety of technologies to help protect your data. We employ robust security controls across all aspects of our engineering and service delivery. This includes encryption at rest and in transit, network security and server hardening, administrative access control, system monitoring, logging and alerting, and more.

SOC2 compliance.

InvestorHub adheres to the highest standards for managing customer data, highlighting our dedication to operational excellence and building trust. With SOC2's seal of approval, you can be confident that your data is in safe hands with us. Learn more.

GDPR compliance.

InvestorHub commits to full compliance with the General Data Protection Regulation (GDPR). Our robust data protection measures include secure storage solutions, regular audits, and comprehensive privacy policies that safeguard personal information. We empower our users with control over their data, offering transparent practices and easy access to consent management tools. By adhering to GDPR standards, InvestorHub demonstrates its commitment to upholding the highest levels of trust and integrity in all our operations.

Back-end security.

By leveraging Google Cloud's infrastructure, we access a secure-by-design network, built-in protection, and the same global network that Google uses to safeguard information, identities, applications, and devices.

Furthermore, with Google Cloud, every piece of data is encrypted—both in transit between our registry and the cloud, and at rest—ensuring that only authorised personnel and services can access your valuable information. Rest assured, with InvestorHub, your data is protected by some of the most advanced security measures available.
Google cloud.png

Front-end security.

With Vercel, InvestorHub benefits from regular penetration testing conducted by expert third-party pen testers to guard against potential data breaches. We're happy to report that InvestorHub has consistently passed these rigorous tests, demonstrating our commitment to maintaining the highest security standards.

Moreover, InvestorHub benefits from dual-layered DDoS protection, combining automated detection with direct intervention strategies. This means Vercel's systems are always on guard, automatically identifying and thwarting malicious attacks on our client sites. For more sophisticated threats, we engage directly with Vercel, working together to keep your sites safe, secure, and operational, no matter the challenge.

Additionally, we ensure that all data shared with our platform is protected through SSL certification. This certification guarantees that any data transferred between users and our sites, or between two systems, is encrypted during transit. This encryption makes it extremely difficult for unauthorized parties to intercept or read your data, ensuring your information remains confidential and secure.

Internal data handling.

Two-factor authentication.

InvestorHub has enabled two-factor authentication (2FA) on all admin accounts to add a second layer of protection to your account.

Active account security monitoring.

InvestorHub uses automatic and manual systems on your account to prevent unauthorized access and to notify you when someone has/is accessing your data. Identities, users, and services are authenticated and access to sensitive data is protected with advanced tools like phishing-resistant security keys.


Why does InvestorHub need my registry data?

Your registry data is used to provide actionable insights and analysis through our software, the applications include:

1. To identify behaviour patterns which in turn allow us to provide you with predictions of investor demand for a capital raise and future trading behaviour;

2. To provide you with a shareholder overview feature that includes bespoke insights and analytics based on movement data;

3. To help you track the engagements you generate with your shareholders through our software.

How does InvestorHub use my registry data?

Your registry data is de-identified and processed as part of a data pool in our machine learning algorithms. The analytic model that emerges from this process uses patterns across our total dataset. This use of data is similar to how Google Analytics, Sprout Social, Hootsuite and other data analytics tools operate (e.g. Sprout Social connects to your Twitter account and provides you with analytic models to understand how your posts compare with similar accounts).

No information about your shareholders or your company is shared with other clients or third parties. No input data is accessible directly by anyone except authorised end users.

Who can access your account data?

You, anyone you share your account with via InvestorHub's permissions feature, and any authorised InvestorHub employee can access the data you collect. Access to platform and client data is assigned to InvestorHub employees on a need-to-know basis.

Roles with different levels of access are assigned to employees, with the intent to provide employees with enough access to do their jobs (e.g. provide customer support, conduct billing-related activities, implement new security measures, etc). Employee roles are reviewed regularly.

Other than for purposes of debugging and monitoring product analytics InvestorHub employees will not access your data for any reason beyond your request. This usually comes in the form of a support request. For example, you might ask us to review your account or provide analysis of a datapoint.

What data security measures does InvestorHub adhere to?

We work hard to make sure your information is secure, including: We do not sell your data or the data you collect with our platform. Login pages transmit login data via SSL.

Our software and product development processes are compliant with Google Cloud security best practices. We encrypt data in transit between data facilities and at rest, ensuring that it can only be accessed by authorised roles and services with audited access to the encryption keys. All data is encrypted and managed by Google Cloud. All data is stored on Australian-based servers. We have appointed a Data Security Officer, who can be reached by emailing
Cookie Settings
This website uses cookies

Cookie Settings

We use cookies to improve user experience. Choose what cookie categories you allow us to use. You can read more about our Cookie Policy by clicking on Cookie Policy below.

These cookies enable strictly necessary cookies for security, language support and verification of identity. These cookies can’t be disabled.

These cookies collect data to remember choices users make to improve and give a better user experience. Disabling can cause some parts of the site to not work properly.

These cookies help us to understand how visitors interact with our website, help us measure and analyze traffic to improve our service.

These cookies help us to better deliver marketing content and customized ads.