Security Controls

We implement technical and organisational measures to protect your data. Our controls are aligned with Cyber Essentials requirements.

Multi-Factor Authentication

MFA enforced for administrative access

Least Privilege Access

Role-based access controls (RBAC)

Encryption

TLS in transit; encryption at rest where supported

Secure Development

Code review, dependency management, secrets management

Audit Logging

Access and activity logging for security monitoring

Incident Response

Defined procedures for breach detection and notification

Backups

Regular backups with tested restore procedures

Rate Limiting

Fair use controls and abuse monitoring

Certifications & Standards

Cyber Essentials

Certification in progress - controls aligned with CE requirements

UK GDPR

Compliant with UK General Data Protection Regulation

Infrastructure Security

Hosting: Vercel (London region - lhr1) for UK data residency
Database: Supabase (EU region - London) with encryption at rest
Network: HTTPS enforced, HSTS headers, secure cookie attributes

Report a Security Vulnerability

If you discover a security vulnerability, please report it responsibly to security@meetgeorge.co.uk. We take all reports seriously and will respond promptly.

Security, Privacy & Compliance