Trust & Compliance
Compliance & Certifications
We take data protection seriously. Here's how we keep your business data safe and compliant.
Certifications & Standards
Our commitment to security and compliance through industry-recognized frameworks.
GDPR
Compliant: General Data Protection Regulation
Full compliance with EU data protection requirements including data subject rights, lawful processing, and international transfers.
UK DPA 2018
Compliant: UK Data Protection Act
Adherence to UK-specific data protection requirements following Brexit, including ICO registration.
SOC 2 Type II
In Progress: Service Organization Control 2
Currently undergoing SOC 2 Type II audit covering security, availability, and confidentiality controls.
ISO 27001
Planned 2025: Information Security Management
ISO 27001 certification planned for Q2 2025 to formalize our information security management system.
What we do to protect you
Data Protection
- Lawful basis for processing under GDPR Article 6
- Data Processing Agreements with all sub-processors
- Data subject access request handling within 30 days
- Right to erasure and data portability
- Privacy by design in product development
Security Controls
- AES-256 encryption for data at rest
- TLS 1.3 encryption for data in transit
- Multi-factor authentication available
- Role-based access controls
- Regular penetration testing
Data Residency
- Primary data storage in UK (London)
- EU backup storage (Frankfurt)
- No data transfer outside UK/EU without consent
- Data Processing Addendum available
- Standard Contractual Clauses supported
Operational Security
- 24/7 infrastructure monitoring
- Incident response procedures
- Business continuity planning
- Regular security training for employees
- Background checks for all staff