Your data, protected
Enterprise-grade security and compliance. Transparency you can verify.
Our commitment to security
At Jenesys, security isn't an afterthought — it's foundational. We handle sensitive financial data for accounting practices and their clients, and we take that responsibility seriously.
We've built our platform with security and compliance at the core: encryption in transit and at rest, strict access controls, regular security assessments, and compliance with UK and international data protection standards.
We're transparent about our security posture because we believe you should be able to verify, not just trust.
GDPR Compliant
Full UK and EU compliance.
Fully compliant with the UK GDPR and EU GDPR. We process data lawfully, transparently, and with appropriate safeguards.
SOC 2 Certified
Independently audited controls.
Our security controls are independently audited. SOC 2 Type I report available upon request in our data room.
UK & EU Data Residency
Your data stays where it should.
We use UK and EU-based infrastructure with no unauthorized transfers. Data sovereignty guaranteed.
Encryption Everywhere
End-to-end protection.
AES-256 encryption at rest. TLS 1.3 in transit. Your data is protected across every touchpoint.
How we handle your data
Access Control
Principle of least privilege.
Role-based permissions. No unauthorized access.
Audit Logging
Full traceability.
Every action logged and traceable. Full audit trail available.
Backup & Recovery
Business continuity assured.
Regular automated backups. Tested disaster recovery procedures.
Vendor Management
Vetted third parties only.
Third-party vendors vetted for security. Sub-processor list available.
Incident Response
72-hour notification guarantee.
Documented incident response plan. Notification within required timeframes.
Employee Security
Trained and verified team.
Background checks. Security training. Confidentiality agreements.
Infosec & Commercial Data Room
Full transparency on request.
For detailed security documentation, compliance certificates, and commercial information, we maintain a secure data room.
Available in the data room:
- Security policies and procedures
- SOC 2 report (under NDA)
- GDPR documentation
- Sub-processor list
- Penetration test summary
- Insurance certificates
- Standard contract terms
Request Access
1 business day response time.
Complete the form below and we'll review your request within 1 business day.
Frequently asked questions
All data is stored on UK and EU-based infrastructure. We use cloud providers with data residency guarantees. No data is transferred outside approved jurisdictions without explicit consent.
We have completed SOC 2 Type I certification and are progressing toward Type II. Our SOC 2 report is available under NDA via our data room.
We have a documented incident response plan. In the event of a breach affecting your data, we will notify you within 72 hours as required by GDPR, and provide full details of the incident and remediation steps.
Yes. Request access to our data room and you'll receive our full security documentation including policies, procedures, and audit reports.
Yes, we use a limited number of vetted sub-processors for specific functions (e.g., cloud hosting, email delivery). A complete sub-processor list is available in our data room.
Upon cancellation, your data is retained for 30 days to allow for export, then permanently deleted. We provide data export in standard formats upon request.
Yes. We provide a standard Data Processing Agreement that meets GDPR requirements. Custom DPA terms can be discussed for enterprise clients.
For security enquiries, email security@jenesys.co. We aim to respond within 2 business days.
Questions about security?
Our team is happy to discuss your specific requirements.