Your data is yours. We are its custodians.
Our architecture and policies are designed to provide the strongest possible data isolation and give you full control over your data, in line with UK GDPR.
Our commitment to UK GDPR
We are fully compliant with UK GDPR.
We provide customers with a clear choice of data residency. All customer data, including backups, is processed and stored exclusively within your chosen geographical region (UK or EU).
Data is never moved outside this region without explicit customer consent.
For all data privacy enquiries, contact our governance team at datacompliance@iplicit.com.
Data Protection policy
This policy sets out iplicit’s commitment to ensuring that any personal data, including special category personal data, which iplicit processes, is carried out in compliance with applicable data protection laws
The strongest form of data protection
Architectural isolation: 'Database-per-Tenant'
We have implemented a 'database-per-tenant' model. Your data is *never* co-mingled. It resides in its own dedicated, logically separate Azure SQL Database. This architectural choice provides the highest possible degree of data isolation.
Verifiable deletion: 'Cryptographic erasure'
This model enables true, verifiable data deletion. Upon contract termination, we perform 'Cryptographic Erasure' (crypto-shredding). We permanently delete your tenant-specific encryption key, which renders all backup copies of your data permanently and verifiably unrecoverable.
Need more detail?
For specific attestations, like our Penetration Test Summary or a pre-filled security questionnaire, please use our simple 'Trust Request' form. This is a low-friction verification step that avoids legal NDAs for most requests.
