How It Works Digital Workers Pricing For Accountants Security About Book Free Assessment โ†’

Security & Compliance

Enterprise security.
SME simplicity.

Your business data is handled using infrastructure that meets the same standards as UK banking systems. Security is the foundation, not a feature โ€” and we're happy to prove it.

๐Ÿ”

UK GDPR compliant

All processing complies with UK GDPR. We act as your Data Processor โ€” you remain the Controller at all times. A clear Data Processing Agreement is signed with every client.

๐Ÿ‡ฌ๐Ÿ‡ง

UK / EU data hosting

Workflow logic can be hosted on UK or EU-based servers upon request. Your data stays in jurisdiction. We'll confirm the hosting location in writing before you sign.

๐Ÿ”’

Encrypted connections

All data encrypted in transit using TLS 1.2+. Only enterprise-grade API integrations are used โ€” no consumer-tier tools or unofficial connectors.

๐Ÿค–

Private AI processing

Data is processed via private API endpoints. Your data is never used to train public AI models. Processing is isolated to your workflow and discarded on task completion.

๐Ÿ‘๏ธ

Strict access controls

Principle of least privilege applies throughout. We only access what is strictly necessary to execute the automation โ€” nothing more. Full access logs are maintained.

๐Ÿ“‹

Plain-English SLA contract

Our Managed Automation Agreement is written in plain English. It clearly defines what we do, what we don't do, what we can't do with your data, and your rights at all times.

We explicitly do not:

โœ•Store client data beyond task completion
โœ•Sell or share any information with third parties
โœ•Access client systems without explicit authorisation
โœ•Train AI models on your data โ€” ever
โœ•Use consumer-grade or unsecured integrations
โœ•Audit or read source data content beyond task scope

Data processing

How your data flows

When a Digital Worker processes a document or message, the data flows as follows:

01

Received via secure API

Your tool (Xero, WhatsApp, email) sends data to the workflow via an encrypted API connection.

02

Processed in isolation

AI processes only the specific content needed. Your data is handled in an isolated environment, not a shared pipeline.

03

Output delivered

Results are written directly to your destination system (Xero, SharePoint, CRM) via the same encrypted connection.

04

Data discarded

Input data is discarded immediately on task completion. It is not cached, logged to readable storage, or retained in any form.

Your rights under our agreement

  • โœ“Right to audit our data handling practices
  • โœ“Right to request all data associated with your account
  • โœ“Right to terminate access and delete all records
  • โœ“Right to receive processing activity logs on request
  • โœ“Breach notification within 72 hours if applicable

Have specific compliance requirements?

We're happy to answer security questions, share our DPA, or arrange a compliance call before you commit.

Get in touch

Ready to automate with confidence?

Book a free assessment and we'll walk you through our security setup alongside your automation plan.

Book free assessment