All data is stored on an enterprise-level server hosted in a state of the art UK data centre protected by the following security controls:
- Own dedicated compound
- 24-hour manned security, and manned physical access points
- Access by approved personnel only
- Physical access logging and monitoring
- CCTV and automatic intrusion detection
- Full back-up power supply
- Temperature and humidity controls, with continual climate monitoring
- Automatic fire detection and suppression
- Strict asset management protocols
- Automated redundancies in the event of hardware failure
- Regular maintenance of hardware and mechanical systems
- Round the clock monitoring of all infrastructure
All data is encrypted at rest, as well as in transit using 2048-bit TLS end-to-end encryption, and the server is protected by in-built network firewalls. The system database is backed-up on a daily basis to a geographically separate secure cluster also located in the UK, with back-ups held on a seven-day rolling basis.
Our server infrastructure provider and server management team are both ISO27001 certified, and have confirmed compliance with the GDPR and UK DPA.