We're secure and GDPR compliant

It's our speciality

GDPR Compliance

We ensure your employee records are kept securely and in a manner compliant with GDPR. We set up record keeping, provide audit tools and handle subject access requests by your data subjects (your staff).

  • We know where your data is being held
  • You can view, amend and erase your data
  • Your data is portable, so you are not locked in
  • You control who can access your data
  • We provide you with tools to meet your responsibilities as a data controller and help your organisation keep your employee data compliant with GDPR

You can review the exact security standards we use here and read our privacy policy. You can also contact our Data Protection Officer at dpo@credentially.io

Security Features

In addition to robust data encryption in transit, in use and at rest, we carefully comply with advanced compliance and assurance programs and legislation.

  • IG SoC security compliant
  • Registered with the Data Commissioner’s Office under the Data Protection Act (2018)
  • Data stored within the UK
  • OWASP Cloud 10 compliant
  • Security of data in transit: HTTPS / SHA 256 with RSA, TLS 1.2 encryption
  • Security of data in use: OAuth2
  • Security of data at rest: AES 256-bit server file-based encryption, VPC
  • Servers audited under ISO 27001:2013, AICPA SOC1, SOC2, SOC3 and PCI-DSS
All security policies

Request a Demo

A ten minute custom walkthrough
could save you millions

10 minutes
Live walkthrough
No obligation
Free consultation