Certification
Updated: 19th January 2025
We follow security best practices and leverage the robust compliance frameworks of our cloud infrastructure providers. Our approach aligns with the UK National Cyber Security Centre's Cloud Security Principles for cloud service providers.
Infrastructure Provider Certifications
Our application is built on top of ISO 27001 certified cloud infrastructure. We carefully select providers who maintain the highest security standards:
| Certification |  ;'/%3e%3c/svg%3e) | '%20fill='%230080ff'%3e%3cpath%20d='M52.1%20102.1V82.5c20.8%200%2036.8-20.6%2028.9-42.4-3-8.1-9.4-14.6-17.5-17.5-21.8-7.9-42.4%208.1-42.4%2028.9H1.5c0-33.1%2032-58.9%2066.7-48.1%2015.2%204.7%2027.2%2016.8%2031.9%2031.9%2010.8%2034.8-14.9%2066.8-48%2066.8z'/%3e%3cpath%20d='M32.6%2063h19.5v19.5H32.6zm-15%2034.5v-15h15v15h-15zM5%2070h12.6v12.5H5z'%20fill-rule='evenodd'/%3e%3cpath%20d='M181.5%2030.2c-5.8-4-13-6.1-21.4-6.1h-18.3v58.1h18.3c8.4%200%2015.6-2.1%2021.4-6.4%203.2-2.2%205.7-5.4%207.4-9.3s2.6-8.5%202.6-13.7c0-5.1-.9-9.7-2.6-13.6-1.7-3.8-4.2-6.9-7.4-9zm-29%203.8h5.8c6.4%200%2011.7%201.3%2015.7%203.7%204.4%202.7%206.7%207.8%206.7%2015.1%200%207.6-2.3%2012.9-6.7%2015.8-3.8%202.5-9.1%203.8-15.6%203.8h-5.8V34z'/%3e%3cuse%20xlink:href='%23A'/%3e%3cpath%20d='M199%2041.3h10.3v41H199zm47.8%203.4c-3.1-2.8-6.6-4.4-10.3-4.4-5.7%200-10.4%202-14.1%205.8s-5.5%208.8-5.5%2014.7c0%205.8%201.8%2010.7%205.5%2014.7%203.7%203.8%208.4%205.8%2014.1%205.8%204%200%207.4-1.1%2010.2-3.3v1c0%203.4-.9%206-2.7%207.9-1.8%201.8-4.3%202.7-7.4%202.7-4.8%200-7.7-1.9-11.4-6.8l-7%206.7.2.3c1.5%202.1%203.8%204.2%206.9%206.2s6.9%203%2011.5%203c6.1%200%2011.1-1.9%2014.7-5.6%203.7-3.7%205.5-8.7%205.5-14.9V41.3h-10.1v3.4zm-2.7%2024.2c-1.8%202-4.1%203-7.1%203s-5.3-1-7-3c-1.8-2-2.7-4.7-2.7-8s.9-6.1%202.7-8.1%204.1-3.1%207-3.1c3%200%205.3%201%207.1%203.1%201.8%202%202.7%204.8%202.7%208.1s-1%206-2.7%208zm21.6-27.6H276v41h-10.3z'/%3e%3cuse%20xlink:href='%23A'%20x='66.7'/%3e%3cpath%20d='M298.6%2030.3h-10.1v11.1h-5.9v9.4h5.9v17c0%205.3%201.1%209.1%203.2%2011.3s5.8%203.3%2011.1%203.3c1.7%200%203.4-.1%205-.2h.5v-9.4l-3.5.2c-2.5%200-4.1-.4-4.9-1.3s-1.2-2.7-1.2-5.4V50.7h9.6v-9.4h-9.6v-11zm57.9-6.2h10.3v58.1h-10.3zm114.4%2043.5c-1.8%202.1-3.7%203.9-5.2%204.8-1.4.9-3.2%201.4-5.3%201.4-3%200-5.5-1.1-7.5-3.4s-3-5.2-3-8.7%201-6.4%202.9-8.6c2-2.3%204.4-3.4%207.4-3.4%203.3%200%206.8%202.1%209.8%205.6l6.8-6.5c-4.4-5.8-10.1-8.5-16.9-8.5-5.7%200-10.6%202.1-14.6%206.1s-6%209.2-6%2015.3%202%2011.2%206%2015.3%208.9%206.1%2014.6%206.1c7.5%200%2013.5-3.2%2017.5-9.1l-6.5-6.4zM513.2%2047c-1.5-2-3.5-3.7-5.9-4.9-2.5-1.2-5.3-1.8-8.5-1.8-5.8%200-10.5%202.1-14%206.3-3.4%204.2-5.2%209.3-5.2%2015.4%200%206.2%201.9%2011.3%205.7%2015.3%203.7%203.9%208.8%205.9%2014.9%205.9%206.9%200%2012.7-2.8%2016.9-8.4l.2-.3-6.7-6.5c-.6.8-1.5%201.6-2.3%202.4-1%201-2%201.7-3%202.2-1.5.8-3.3%201.1-5.2%201.1-2.9%200-5.2-.8-7-2.5-1.7-1.5-2.7-3.6-2.9-6.2h27.3l.1-3.8c0-2.7-.4-5.2-1.1-7.6-.7-2.3-1.8-4.5-3.3-6.6zm-22.5%209.7c.5-2%201.4-3.6%202.7-4.9%201.4-1.4%203.2-2.1%205.4-2.1%202.5%200%204.4.7%205.7%202.1%201.2%201.3%201.9%202.9%202.1%204.8h-15.9zm62.1-12.3c-3.1-2.7-7.4-4-12.8-4-3.4%200-6.6.8-9.5%202.2-2.7%201.4-5.3%203.6-7%206.6l.1.1%206.6%206.3c2.7-4.3%205.7-5.8%209.7-5.8%202.2%200%203.9.6%205.3%201.7s2%202.6%202%204.4v2c-2.6-.8-5.1-1.2-7.6-1.2-5.1%200-9.3%201.2-12.4%203.6s-4.7%205.9-4.7%2010.2c0%203.8%201.3%207%204%209.3%202.7%202.2%206%203.4%209.9%203.4s7.6-1.6%2010.9-4.3v3.4h10.1V55.9c.2-4.9-1.4-8.8-4.6-11.5zm-18.3%2022.2c1.2-.8%202.8-1.2%204.9-1.2%202.5%200%205.1.5%207.8%201.5v4C545%2073%20542%2074%20538.3%2074c-1.8%200-3.2-.4-4.1-1.2s-1.4-1.7-1.4-3%20.6-2.4%201.7-3.2zm62.7-21.4c-2.9-3.2-6.9-4.8-12-4.8-4.1%200-7.4%201.2-9.9%203.5v-2.5h-10.1v41h10.3V59.7c0-3.1.7-5.6%202.2-7.3%201.5-1.8%203.4-2.6%206.1-2.6%202.3%200%204.1.8%205.4%202.3%201.3%201.6%202%203.7%202%206.4v23.7h10.3V58.5c0-5.6-1.4-10.1-4.3-13.3zm-253.6-.8c-3.1-2.7-7.4-4-12.8-4-3.4%200-6.6.8-9.5%202.2-2.7%201.4-5.3%203.6-7%206.6l.1.1%206.6%206.3c2.7-4.3%205.7-5.8%209.7-5.8%202.2%200%203.9.6%205.3%201.7s2%202.6%202%204.4v2c-2.6-.8-5.1-1.2-7.6-1.2-5.1%200-9.3%201.2-12.4%203.6s-4.7%205.9-4.7%2010.2c0%203.8%201.3%207%204%209.3%202.7%202.2%206%203.4%209.9%203.4s7.6-1.6%2010.9-4.3v3.4h10.1V55.9c.1-4.9-1.5-8.8-4.6-11.5zm-18.3%2022.2c1.2-.8%202.8-1.2%204.9-1.2%202.5%200%205.1.5%207.8%201.5v4c-2.2%202.1-5.2%203.1-8.9%203.1-1.8%200-3.2-.4-4.1-1.2s-1.4-1.7-1.4-3%20.5-2.4%201.7-3.2zm78.9%2016.5c-16.5%200-30-13.4-30-30s13.4-30%2030-30c16.5%200%2030%2013.4%2030%2030s-13.5%2030-30%2030zm0-49.3c-10.7%200-19.4%208.7-19.4%2019.4s8.7%2019.4%2019.4%2019.4%2019.4-8.7%2019.4-19.4-8.7-19.4-19.4-19.4z'/%3e%3c/g%3e%3cdefs%3e%3cpath%20id='A'%20d='M204.3%2023.4c-1.8%200-3.3.6-4.5%201.8s-1.9%202.7-1.9%204.4c0%201.8.6%203.3%201.9%204.5%201.2%201.2%202.7%201.9%204.5%201.9s3.3-.6%204.5-1.9c1.2-1.2%201.9-2.8%201.9-4.5%200-1.8-.6-3.3-1.9-4.4-1.2-1.2-2.8-1.8-4.5-1.8z'/%3e%3c/defs%3e%3c/svg%3e)  |   |
|---|---|---|---|
| ISO 27001 | On Request | On Request | Public |
| SOC 2 Type II | On Request | On Request | On Request |
| SOC 3 | On Request | Public | On Request |
Request Security Documentation
Some of our providers require NDAs or registration to access detailed compliance documentation. If you need specific compliance reports or certifications for security review purposes, please email [email protected] and we'll guide you through the process.
Security Responsibilities
Responsibility is shared between the cloud provider and the customer, in the Cloud Security Shared Responsibility Model.
Cloud provider responsibilities:
- Physical data center security
- Host infrastructure security
- Network security and flow controls
- Operating system security
- Storage infrastructure security and encryption
- Compliance certifications for infrastructure
Our responsibilities:
- Application-level security
- Identity and access management
- User authentication
- Application performance monitoring
- Customer data privacy
- Security incident response
Our security approach is aligned with the principles published by the National Cyber Security Centre (NCSC):
We leverage our providers' robust security controls while implementing additional application-level protections to ensure comprehensive security coverage.
For detailed information about our security practices, please review our Security Policy or contact our team.