We store and process data in compliance with the U.K. Data Protection Act, the EU Data Protection Directive, and the general principles of the EU General Data Protection Regulation, enforceable on May 25, 2018.

Our infrastructure provider is fully compliant with the Cloud Infrastructure Services Providers in Europe (CISPE) Code of Conduct. Our infrastructure provider uses external auditors to verify the adequacy of its security measures, including the security of the physical data centres from which the services are provided. This audit: will be performed at least annually; will be performed according to ISO 27001 standards or such other alternative standards that are substantially equivalent to ISO 27001; will be performed by independent third party security professionals.

Did this answer your question?