Security and Compliance
Security and Compliance Measures in Cyclr
We take data security and compliance very seriously and have a number of established measures and protocols to ensure your client data is secure and under your control.
SOC 2 Type II
Cyclr has been assessed by an independent auditor as being SOC 2 Type II accredited – which means that Cyclr meets the service commitments and system requirements based on the SOC 2 trust service criteria.
Cyclr is is committed to providing the highest levels of data security and process transparency which is why we continue regular SOC 2 audits that are conducted by an independent, third-party auditor.
Contact us to request a copy of our latest SOC 2 audit.
Cyclr is a UK based company and is fully GDPR compliant. We keep both UK and EU GDPR legislation under regular review and adapt our working practices as the legislation itself adapts.
As Joint Data Processor we are transparent with how data is handled and processed within Cyclr.
The following links provide further useful information :
Our Data Protection Agreement – DATA PROTECTION AGREEMENT
Our GDPR measures – OUR GDPR MEASURES
Vulnerability and Penetration Testing
We undertake regular internal vulnerability tests. We also regularly commission independent third party penetration and vulnerability tests.
Our shared service instances offer high levels of compliance and security, delivered using AWS and with a choice of geographic locations – UK, EU, USA or APAC.
However, we understand that some organisations want complete control over how and where their data is processed. In order to meet this need we also offer single or multiple Private Cloud implementations of Cyclr.
Private cloud deployments are currently available in any geographic location supported by AWS or Azure.
In addition you can elect to have Cyclr deployed into your own AWS or Azure account (in a dedicated and ring-fenced environment) meaning that no data is processed outside of an environment directly controlled by you. To enquire about our Private Cloud / Enterprise level deployments please follow this link.