Your security questions answered

Last updated: 2 March 2026

We're GDPR compliant and you can read our Privacy Policy for the full details.

If you've got an internal security questionnaire to fill in, here are quick answers to the questions we often get asked.

❌ No, not a chance

• Do you store debit/credit card details?
• Do you store data outside the EU?
• Do you sell data?

✅ Yes, absolutely

• Is data encrypted in transit over HTTPS?
• Is data encrypted at rest?
• Is data hosted in the EU?
• Are passwords hashed and salted?
• Do you have remote backups?
• Are backups encrypted?
• Do you have protection from DDoS attacks?
• Do staff have to sign confidentiality agreements?
• Do you do regular software updates?
• Do you monitor and disclose service uptime?
• Are hardware devices on laptops encrypted?
• Can I have audit reports for account activity?
• Can I take backups of our data to Excel?