Data Security

Data security is of ever-increasing concern to all businesses. Nobody can ever claim that data and private information is 100% secure, but we work hard to make it as secure as we can.

Why we care about data security

We think that the privacy and security of your data is important. We believe that you should decide who should see your data and when. To that end, in the face of ever increasing and new threats, we do our best to secure your data.

We work on the basis of a few principles in doing this.

Email isn’t secure

Email is one of the earliest tools on the internet. It’s old technology and it isn’t secure. Over time attempts have been made to make it more secure. However sending an email is like sending a postcard - at key points in the journey the postcard (email) can be read by people who it isn’t intended for. We use Proton Mail which is encrypted end-to-end. That’s great for us, but if you don’t also use Proton Mail then the end to end chain of security is broken once it leaves us.

Because of this we work on the basis that email isn’t secure.

Online storage is generally insecure

Lots of systems such as Box, Dropbox, OneDrive…are theoretically secure and encrypted. The difficulty is that the provider of the service holds the encryption keys. This means that those keys can be lost by the provider if they are hacked, or they can be accessed by unauthorised staff of the provider.

We believe in zero knowledge end-to-end encryption. The only people who have access to the encryption keys are us and individual clients for their files stored by us. We use a secure online storage service that delivers on this goal.

Whatsapp and SMS aren’t secure either

Each of these services are theoretically secure, however they “leak” lots of information about you and who you are communicating with. In addition Meta are quite clear that they use that information from Whatsapp to target advertising at you.

We don’t believe that your communication with us should lead to you being targeted by advertising and we don’t believe that other organisations should harvest and sell metadata about your communication with us. That’s why we use Threema Messenger to communicate with our clients.

End to end encryption is good…

…and Zero Knowledge Encryption is even better. We like to do our best to ensure that even if your data is stolen, nobody can read it because it’s encrypted. To that end we use services that are end-to-end or zero knowledge encrypted wherever possible.

It’s a tough environment

We do our best and we keep adapting to try and ensure that we address new threats to data security as they arise. But we are realistic enough to know that even with everyone’s best efforts there are no 100% guarantees.