Security & Compliance at Wolt

Information security and data privacy are at the heart of Wolt. We value the privacy of our customers and partners, and want to ensure Wolt is secure to use and available at all times. We want to make sure that our customers have a great experience that is secure, reliable and responsible.

What does Security and Privacy mean at Wolt?

They're part of every Wolt order.

Data Privacy

Ensuring data privacy of our customers and stakeholders

You can rest assured that in addition to making it incredibly easy for you to discover and get what you want from virtually any type of grocery store, retail shop or boutique within the city, we care for your privacy and keeping your personal data safe.

We believe that protecting our customers’ and business partners’ privacy is not only the right thing to do, but a part of our company values. We are committed to protecting the privacy of individuals who register to use our services and who choose to partner with us. We want to make sure we operate in accordance with the GDPR and all applicable privacy and security laws. You can contact support@wolt.com anytime in case of additional questions or if you want to request for your data.

If you want to learn more of how we process your data please visit our Terms and Conditions.

Responsible Disclosure

Security researcher, let us know of your finding!

One of the pillars of security at Wolt is our continuous cooperation with the security research community. We always welcome security reports from hackers through our bug bounty programme as well as independent researchers directly reaching out to us. For more details on our bug bounty programme or for general inquiries to our security team, please check our security.txt or send your inquiry to security@wolt.com.

Security management

We don't believe in luck. We make Wolt secure through hard work.

Wolt is a fast growing technology company. We work hard to develop user friendly solutions that are secure and available. We have a team of dedicated professionals who maintain and improve our information security practices every day. We also regularly hold security related training and awareness sessions to our employees and partners.

Our toolbox includes modern agile software development as well as Continuous Integration (CI) and Continuous Deployment (CD). All changes to code and configurations are subject to Wolt's Change Management process which includes peer review and automatic test procedures before deployment.

We follow OWASP Top 10 guidelines in our development. All network traffic is encrypted between the Wolt application and end user devices.

Technical security

Wolt security is created by emphasizing organisational culture and enforcing technical features

You can log into your Wolt account via Apple ID, Google and Facebook authentication. All three support Two-factor authentication which we recommend everyone to use. 

As part of our privacy and security policies, our employees use multi-factor authentication (e.g. password and an additional code) and strong password policies.

All our servers are located in the EU/EEA-area and we encrypt all data transitions. In addition, we have deployed Web Application Firewalls to filter authorized network traffic only. 

Data Privacy

Ensuring data privacy of our customers and stakeholders

You can rest assured that in addition to making it incredibly easy for you to discover and get what you want from virtually any type of grocery store, retail shop or boutique within the city, we care for your privacy and keeping your personal data safe.

We believe that protecting our customers’ and business partners’ privacy is not only the right thing to do, but a part of our company values. We are committed to protecting the privacy of individuals who register to use our services and who choose to partner with us. We want to make sure we operate in accordance with the GDPR and all applicable privacy and security laws. You can contact support@wolt.com anytime in case of additional questions or if you want to request for your data.

If you want to learn more of how we process your data please visit our Terms and Conditions.

Responsible Disclosure

Security researcher, let us know of your finding!

One of the pillars of security at Wolt is our continuous cooperation with the security research community. We always welcome security reports from hackers through our bug bounty programme as well as independent researchers directly reaching out to us. For more details on our bug bounty programme or for general inquiries to our security team, please check our security.txt or send your inquiry to security@wolt.com.

Security management

We don't believe in luck. We make Wolt secure through hard work.

Wolt is a fast growing technology company. We work hard to develop user friendly solutions that are secure and available. We have a team of dedicated professionals who maintain and improve our information security practices every day. We also regularly hold security related training and awareness sessions to our employees and partners.

Our toolbox includes modern agile software development as well as Continuous Integration (CI) and Continuous Deployment (CD). All changes to code and configurations are subject to Wolt's Change Management process which includes peer review and automatic test procedures before deployment.

We follow OWASP Top 10 guidelines in our development. All network traffic is encrypted between the Wolt application and end user devices.

Technical security

Wolt security is created by emphasizing organisational culture and enforcing technical features

You can log into your Wolt account via Apple ID, Google and Facebook authentication. All three support Two-factor authentication which we recommend everyone to use. 

As part of our privacy and security policies, our employees use multi-factor authentication (e.g. password and an additional code) and strong password policies.

All our servers are located in the EU/EEA-area and we encrypt all data transitions. In addition, we have deployed Web Application Firewalls to filter authorized network traffic only.