Security and Compliance

Security and Compliance

Security and Compliance Measures in Cyclr

We take data security and compliance very seriously and have a number of established measures and protocols to ensure your client data is secure and under your control.


Cyclr is a UK based company and is fully GDPR compliant. We keep both UK and EU GDPR legislation under regular review and adapt our working practices as the legislation itself adapts.

As Joint Data Processor we are transparent with how data is handled and processed within Cyclr. 

The following links provide further useful information :


Our Data Protection Agreement  – DATA PROTECTION AGREEMENT


SOC2 Audited

SOC2 Audited

Cyclr has been assessed by an independent auditor as being SOC 2 Level 1 compliant – which means that Cyclr meets the service commitments and system requirements based on the SOC 2 trust service criteria.

Cyclr is progressing towards SOC 2 Level 2 compliance which involves continuing and regular SOC 2 audits that are conducted by an independent, third-party auditor. 

Contact us to request a copy of our latest SOC 2 audit.

Vulnerability and Penetration Testing

We undertake regular internal vulnerability tests. We also regularly commission independent third party penetration and vulnerability tests. 

Private Cloud

Our shared service instances offer high levels of compliance and security, delivered using AWS and with a choice of geographic locations – UK, EU, USA or APAC.

However, we understand that some organisations want complete control over how and where their data is processed. In order to meet this need we also offer single or multiple Private Cloud implementations of Cyclr. 

Private cloud deployments are currently available in any geographic location supported by AWS or Azure. 

In addition you can elect to have Cyclr deployed into your own AWS or Azure account (in a dedicated and ring-fenced environment) meaning that no data is processed outside of an environment directly controlled by you. To enquire about our Private Cloud / Enterprise level deployments please follow this link.