Trust

Security at HollexApp

Here's how we protect your account and your data.

Encryption everywhere

All traffic between you and HollexApp is protected with TLS 1.2 or higher. Personal data, KYC documents, and salary information are encrypted at rest using AES 256.

Strong account protection

Passwords are hashed with industry standard algorithms. Admin accounts require two factor authentication. We ask for your code again after an hour of inactivity.

Least privilege access

Internal access to customer data is granted on a need to know basis. Production admin systems require multi factor authentication.

Hardened infrastructure

We host on enterprise grade cloud infrastructure with isolated environments, automated patching, daily encrypted backups, and continuous monitoring.

Fraud prevention

We review account activity and apply rate limits where they matter most, such as company linking and outbound notifications.

Responsible disclosure

If you believe you have found a vulnerability, please email hello@hollexapp.com. We acknowledge reports within 2 business days and credit researchers who follow responsible disclosure.

Data protection

We collect only the data we need to verify your employment, calculate what you have earned, and disburse and recover the advance. We never sell your data. We process it in line with Ghana's Data Protection Act, 2012 (Act 843). For full detail, read our Privacy Policy.

What you can do

  • Use a strong, unique password for your HollexApp account.
  • Never share your one time codes or password with anyone, including someone claiming to be from HollexApp.
  • Keep the email address on your account current so you receive every security notification.
  • Sign out on shared devices.

Report a security concern

If you have spotted something that looks wrong, email hello@hollexapp.com. Include enough detail for us to reproduce the issue. We will acknowledge your report within 2 business days.