Security & data

Strong by default.

Our infrastructure only uses established, secure and credentialled solutions.

Identity & access

  • Platform admin auth
  • Account lockouts
  • Session integrity

Tenant isolation

  • One tenant per record
  • Cross-tenant access blocked
  • Server-side authorisation

Application integrity

  • Input validation
  • Replay-safe webhooks
  • Admin audit trail

Hosting & operations

  • UK / EU residency
  • Encrypted at rest and in transit
  • Region-local backups
  • Secrets management
  • Dependencies patched
  • Error monitoring

Overview — contact us directly for full CTO / CIO tech stack briefing information.

Enterprise level infrastructure.

AWS
  • SOC 2 Type II
  • ISO 27001
Supabase
  • SOC 2 Type II
  • HIPAA-ready
Vercel
  • SOC 2 Type II
  • ISO 27001
GitHub
  • SOC 2 Type II
  •  
Anthropic
  • SOC 2 Type II
  • ISO 27001
Stripe
  • PCI DSS L1
  • SOC 2 Type II
Resend
  • SOC 2 Type II
  • GDPR-compliant
Sentry
  • SOC 2 Type II
  • ISO 27001

All tenant data lives in AWS London (eu-west-2). UK GDPR and EU GDPR scope. Multi-region residency is on the enterprise roadmap — get in touch and we’ll align to your procurement timeline.

Frequently asked questions