All Collections
Subscriptions, Management & Usage
Information Security Certification and PCI Compliance
Information Security Certification and PCI Compliance

Find out about's Information Security Policy, ISO27001 certification, PCI, SOC2, HIPAA and Cyber Essentials compliance

Carol Smith avatar
Written by Carol Smith
Updated over a week ago

The security and privacy of your data is the biggest consideration in everything we do since you are placing your trust in our service.

We want you to know that we’ve implemented security standards and operational processes using industry standards to protect your data. gives you all the tools and control over what data you send to our platform. You may configure your applications and/or infrastructure to only send the data you need. follows the following industry best practices to ensure security;

  • ISO 27001 certified.

  • PCI Service Provider certified.

  • Cyber Essentials certified.

  • GDPR compliant.

  • HIPAA compliant.

  • SOC 2 compliant.

  • Access to our facilities is protected by security staff with video surveillance.

ISO27001 is audited by an ISO/IEC 27001:2013 UKAS-certified auditor and is certified to ISO/IEC 27001:2013. ISO/IEC 27001:2013 is a standard for an Information Security Management System (ISMS), specifying the policies and procedures for all legal, physical, and technical controls used by an organisation to minimise risk to information.

It is’s policy to maintain an ISMS designed to meet the requirements of the ISO/IEC 27001:2013 standards in pursuit of its primary objectives, purpose and the context of the organisation. We also operate in compliance with GDPR, HIPAA and SOC 2.

To accomplish this we make use of industry-leading security tools and best practices to ensure the highest level of security at You can request a copy of the certification from your sales representative.

PCI Service Provider

At, we are committed to the security of storing, processing and transmitting credit card transactions. Through frequent assessment and auditing of our policies and processes, as well as internal scans, external penetration testing and regular network scans by an ASV, we are ensuring that we are fully adhering to credit card data compliance and security.

By meeting these high-level regulatory standards for data compliance, is able to prove our dedication to protecting our user’s credit card data.

For larger companies, it is beneficial to prioritise working with vendors and service providers who operate in compliance with PCI as this reduces the risk of payment data breaches. Breaches are more likely to occur when using third-party systems that operate outside of PCI compliance.

What Next?

Did this answer your question?