All Collections
Admin
Data and security
Is my data secure with Relative Insight?
Is my data secure with Relative Insight?

Learn about the steps Relative Insight is taking to ensure a high standard of privacy and data protection.

Trish Pencarska avatar
Written by Trish Pencarska
Updated over a week ago

Relative Insight has put a host of security measures in place to prevent your data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed, including:

ISO 27001 certification

Relative Insight Limited is ISO 27001 certified and is audited annually to ensure continued compliance.

Applicable data security policies subject to annual audit include:

  • Access control and management: who has access to our platform operations and how this access is managed

  • Data redundancy and backup: how data is kept safe and stored in the event of adversity

  • Change management: how we make sure changes are tracked and properly reviewed from a security perspective

  • Software architecture and development: we make sure security is considered at all stages of the development process

ISO Certificate - Relative Insight Limited

Dedicated Security Officer

Relative Insight has a dedicated Security Officer, who oversees ISO certification, compliance, and data protection issues.

Internal information security forums are held at least once a year where the companies security processes and compliance is reviewed and updated where necessary.

Restricted access to customer data

We limit access to your data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your data on our instructions and they are subject to a duty of confidentiality.

Documented procedures in the event of a suspected data breach

We have put in place procedures to deal with any suspected data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

Secure infrastructure

All of our services are hosted in the cloud, and we only use established providers with the highest security certifications (ISO 27001, SOC, etc.). We do not run our own routers, load balancers, DNS servers, or physical servers when delivering our services to you.

Secure transmission of data

All data transferred in and out of Relative Insight is encrypted using hardened TLS. Relative Insight is also protected by HTTP Strict Transport Security and is pre-loaded in major browsers.

Application security

We take pride in our application security and consider it throughout the development and deployment process. This includes documented procedures for:

  • Training and reviewCode is reviewed by a senior engineer with security best practice training before being deployed to production systems.

  • Automated testing and build processesWe have an extensive set of automated testing procedures that are run for every code change.

  • Software dependenciesRelative Insight keeps up to date with software dependencies and has automated tools scanning for common security issues.

  • Development and QA environmentsThese environments are separated physically from the Relative Insight production environment. No customer data is ever used in the development or QA environments.

  • User loginsUser passwords are one-way encrypted and salted before being stored in our database.

  • Penetration testingRelative Insight performs regular penetration test audits with a contracted third party.

You can find out more about the procedures we take to ensure data security here.

Did this answer your question?