Data protection
Reviewed 22 March 2026
Encryption in transit and at rest
TLS 1.2+ everywhere, AES-256 at rest, and managed KMS keys.
Download PDF
Owner: Head of Security
All customer data transmitted to or from our platform is protected with TLS 1.2 or higher. HSTS is enforced on all customer-facing domains.
At rest, customer data is encrypted using AES-256. Backups are encrypted with separate keys held by a cloud-managed KMS, and key rotation is enforced annually.