Our Commitment
We are committed to protecting the confidentiality, integrity, and availability of the information we process and the services we provide.
Our Information Security Management System (ISMS) is certified to ISO/IEC 27001, demonstrating our commitment to maintaining effective and internationally recognised security practices.
This statement applies to all systems, services, employees, and third parties involved in the delivery and support of our SaaS platform.
Security Principles
Confidentiality
We safeguard information against unauthorised access and disclosure.
Integrity
We protect information from unauthorised modification and ensure its accuracy and reliability.
Availability
We design and operate our systems to ensure information is accessible to authorised users when needed.
Risk Management
Information security risks are identified, assessed, and managed in line with our ISMS to ensure appropriate controls are in place.
Key Practices
Access Control
Access to systems and data is granted based on role and legitimate business need, following the principle of least privilege.
Data Protection
We handle personal and business-critical data in compliance with GDPR and all applicable data protection regulations.
Device Security
Company-issued devices are configured with approved security controls, including encryption and endpoint protection.
Network Security
Secure communication protocols (such as TLS) and controlled remote access mechanisms are used to protect data in transit.
Incident Management
Security incidents are managed through a defined process, including escalation, investigation, and customer notification where required.
Training & Awareness
All employees receive regular information security training to ensure awareness of their responsibilities.
Third-Party Management
Suppliers and partners are assessed and expected to maintain security standards appropriate to the services they provide.
Responsibilities
All employees are responsible for following company security policies and reporting suspected incidents or weaknesses.
Management ensures appropriate resources, oversight, and governance are in place to support and maintain the ISMS.
Continuous Improvement
We conduct regular internal reviews and independent external audits to ensure ongoing effectiveness of our ISMS.
Security objectives are reviewed at least annually as part of management review, and controls are continually improved to respond to evolving risks and threats.
