Your security questions answered

You can read our security overview, know that we are GDPR compliant, but some of you will have specific security questions you’d like the answer to.

So we’ve compiled a list of short answers to help you complete those internal security questionnaires.

Yes to all of these:

  • Is data encrypted in transit over HTTPS?
  • Is data encrypted at rest?
  • Is data hosted in the EU?
  • Are passwords hashed and salted?
  • Is Database access firewalled and user restricted?
  • Do staff have to sign confidentiality agreements?
  • Do you do regular software updates?
  • Are hardware devices on laptops encrypted?
  • Do you host in the cloud, with Amazon Web Services?
  • Do you provide an up to date list of 3rd party processors?
  • Can we use Single Sign On?

No to all of these:

  • Do you store debit/credit card details?
  • Do you store data outside the EU?
  • Do contractors have access to client data?
  • Do you outsource software development?
  • Do you sell data?

Need more information?

We’re happy to look at your security questionaires, although we would need to discuss a bespoke procurement plan. Please contact our support team