— Security & Compliance

We build seriously. And we prove it.

We operate on audited cloud infrastructure and follow internationally recognised principles. Below you'll find a summary of the frameworks, links to our policies and a formal documentation request form.

ISO 27001

Applied

Information security management principles applied across the entire development and operations lifecycle.

Access management on a least-privilege basis
Information asset inventory and classification
Periodic risk reviews and mitigation plan
Documented incident response procedure

GDPR

Compliant

Personal data handled in line with the EU regulation. Privacy by design on every project.

DPA signed with every client
Sub-processors listed publicly
Right to erasure and portability implemented
72h breach notification

SOC 2 Type II

Via infrastructure

Built on cloud providers with audited controls for security, availability and confidentiality.

Continuous availability monitoring
Encryption in transit and at rest
Backups with retention and restore drills
Centralised logs with defined retention

— Policies

Documentation in the open.

The documents below are available on request. Sensitive materials (e.g. pentest reports) require an NDA — use the form below.

— Documentation request

Request the documents you need.

We review each request manually. NDA-bound materials are sent after digital signature. We reply within 48 working hours.