Security & Compliance

Your Data is Safe.
Full Stop.

We handle customer data for some of the biggest brands in the UK. Our platform is built to meet the toughest security and compliance standards in finance, insurance, and the public sector.

Account Security

Your Accounts, Locked Down

You decide who has access to your AI assistant. We secure every account with enterprise-grade protections.

Two-factor authentication (2FA)
Granular role-based access control
Integration with external identity providers on request
256-bit AES encryption at rest
TLS 1.2 for encrypting data in transit

Data Protection

Responsible Data Processing

As the data processor, we store your conversation information and review its content responsibly. Personal data is protected at every stage.

Removal of personal data (redaction)
Regular penetration testing by a CREST member company with NCSC CHECK Green Light status
Principle of Least Privilege
SOC 2 compliant data centres

Compliance

Built for Regulated Industries

Our compliance standards are robust enough for insurance companies, finance providers, and public sector organisations with strict governance requirements.

GDPR compliant
Designed to WCAG 2.1 AA standard including screen readers, keyboard navigation, and colour management
Cyber Essentials Plus certified
PCI Data Security Standard (PCI DSS) compliant for online payments
All data stored in the UK or EU

Cloud Infrastructure

Hosted on AWS

Our platform runs on Amazon Web Services, with the highest security features, reliability, and scalability available.

Backups stored within the UK/EU for 13 months
Physical security of data centres provided by AWS
No data is accessible by cloud providers
Automatic DDoS protection
Automatic dependency scanning within software
Scanning of third-party software
IP address blocking
Patches released in line with severity

Questions About Security?

If you have questions about security or compliance in your industry, book a call and we'll talk you through it.

Book a Call →