Compliance & Security

Enterprise-grade security and compliance for UK public sector procurement. Your data is protected by design.

Our Certifications

GDPR Compliant

Certified

ICO Registered - October 2025

Full compliance with UK GDPR and Data Protection Act 2018. Registered with the Information Commissioner's Office (ICO).

Data Encryption

Certified

AES-256 & TLS 1.3

End-to-end encryption for data at rest and in transit using industry-standard protocols provided by Google Cloud Platform.

UK Data Residency

Certified

Google Cloud London (europe-west2)

All customer data stored in UK-based data centers in London, never leaving UK/EU jurisdiction.

Cyber Essentials

Roadmap Q2 2026

Application planned

Government-backed cybersecurity certification. Application planned for Q2 2026 as we scale to public sector contracts.

Security Measures

Data Encryption

End-to-end encryption (AES-256) for data at rest and TLS 1.3 for data in transit

Access Controls

Role-based access control (RBAC) with multi-factor authentication (MFA) for all users

Regular Audits

Quarterly security audits and penetration testing by independent third parties

Data Residency

All data stored in UK-based data centers (Google Cloud europe-west2 London)

Backup & Recovery

Automated daily backups with 30-day retention and 4-hour recovery time objective (RTO)

Incident Response

24/7 security monitoring with documented incident response procedures

Industry-Specific Compliance

We understand that each industry has unique compliance requirements. Our platform supports tender responses across 27 sectors with industry-specific guidance.

Construction

CDM 2015BS 5975ISO 9001ISO 45001

IT & Software

ISO 27001PCI DSSSOC 2Cyber Essentials Plus

Healthcare

CQC StandardsIG ToolkitNHS DSP ToolkitISO 27001

Professional Services

FCA RegulationsSRA StandardsISO 9001

Facilities Management

ISO 14001ISO 45001OHSAS 18001BICS

Your Data, Your Control

You own your data - we never sell or share with third parties

Export your data anytime in CSV or JSON format

Delete your account and all data with one click

GDPR-compliant data processing agreements available

Questions About Compliance?

Our security team is happy to answer questions about our certifications, conduct security reviews, or provide compliance documentation.

Contact Security Team