Security

Security Infrastructure.

Protecting your investment data is at the core of what we do. Nextquestion is designed for enterprise and finance customers, with industry-leading infrastructure, rigorous privacy controls, and continuous testing to safeguard your information.

CERTIFICATIONS

Independently audited and certified to global security standards.

ISO 27001 Certified

Our information security management system is certified to ISO 27001, demonstrating a systematic and ongoing approach to managing sensitive company and customer information.

Security Infrastructure

We use global best-practice security frameworks to ensure your data is protected.

End-to-end encryption

HTTPS/TLS encryption for data in transit, plus encryption at rest for all tables and storage buckets.

Proven infrastructure

Data hosted on leading infrastructure providers (SOC1, SOC2, SOC3 and ISO27001 certified).

In-region storage

Data can be stored on databases in-region to align with jurisdiction.

Privacy Architecture

Your data remains private and under your control.

Data isolation

Segregated by account/organisation to prevent cross-contamination.

Role-based access controls

Role-based access controls allow precise control over user access to data within an organisation.

AI safeguards

AI data protection; your data is not used to train external public models and is not shared without your consent.

Continuous Attestation

We actively monitor, test, and improve our defences to stay ahead of threats.

Vendor evaluations

Regular reviews of third-party providers to ensure alignment with industry-leading practices.

Penetration testing

Routine system and application testing, including coverage of vulnerabilities identified by the Open Web Application Security Project (OWASP).

Staff training

Ongoing employee training in privacy and security, including compliance with regional privacy principles.

Your Control

You control access and your data.

SSO / SAML

Single sign-on via SAML 2.0 so your team authenticates through your existing identity provider, with multi-factor authentication enforced at login.

Audit trails

Every action on the platform is logged and traceable, giving you a complete record of who did what and when.

Granular permissions

Role-based access controls let you define exactly who can view, edit, or approve information within your organisation.

See how these controls work in your environment.

Speak with us

Serious about security?

Speak with us to see Nextquestion in action.
