Security Policy

Built securely from the ground up

bitzlato meets all industry standards to safeguard your data. We use various methods to secure our servers as well as our software. If you have any questions or concerns about our security, please contact us at [email protected]


A majority of customer deposits are stored in offline wallets. These are wallets that we keep offline with complete air-gap isolation. An absolute minimum of coins to maintain operational liquidity are stored in online wallets. All wallets are encrypted at all times. The wallets and paper backups of them are stored in several geographically distributed vaults. Furthermore, we maintain full reserves at all times.


Network infrastructure is segregated and protected by physical firewalls.
We use Cloudflare for DDoS protection.
All data is backed up on a regular basis to ensure redundancy.
We regularly scan our networks for any security issues using several third-party service providers.
All-network traffic is encrypted via SSL and SSH.


All application traffic is sent over SSL/TLS.
We perform regular internal source code audits. We run an active white hat program through various third party service providers.


We offer two-factor authentication using Google Authenticator as an extra security layer for authentication.
All sensitive data like your password is encrypted before stored in the database.


Prospective employees undergo security screenings during the hiring process. All employees use encrypted storage and encrypted password management.