/ Legal & compliance
Security & Compliance
Clear information about how Secremedy operates, protects data, and works with customers.
Effective 14 July 2026
Security approach
We apply defence in depth and proportionate controls to the website and customer engagements. Controls include least privilege, strong authentication, secure configuration, patching, logging, encrypted transport, protected backups where applicable, supplier review and incident response.
Service assurance
Every engagement has a written scope and named contacts. Penetration testing requires explicit authorisation and rules of engagement. Sensitive findings and credentials use agreed secure channels. Access is removed when it is no longer required.
Data protection
Our public Privacy Notice, DPA and Subprocessor List explain our roles and safeguards.
Certifications and claims
We do not claim a certification, accreditation or regulatory status unless it is current, documented and explicitly stated here or in an Order. Customer compliance always depends on the customer’s own scope, implementation and evidence.
Report a concern
Security researchers should follow our disclosure policy or email [email protected].