Built for firms that can't afford a leak.
Everything about how we host, protect, and stand behind your data — in one place. Fitzentic is engineered around SRA confidentiality duties, UK GDPR and NCSC guidance.
Security that runs through every feature.
Not a bolt-on — the platform is designed around confidentiality from the database up.
Tenant isolation
Every firm is a separate tenant, walled off at the database level with row-level security. One firm can never reach another’s data.
Three layers of access control
Tenant isolation, a full permission matrix, and record-level need-to-know visibility — a fee-earner sees their matters, accounts sees the money, never the confidential diary.
Branch separation
Multi-office firms keep each branch’s clients and matters walled off with the same database-level security.
Encryption everywhere
Data is encrypted in transit (TLS) and at rest. Documents are served only through signed, expiring, access-checked links — never public paths.
Append-only audit
Logins, document access, transfers, payments and permission changes are recorded in a log you can’t silently alter — a regulator-ready history.
Two-factor & sessions
TOTP two-factor authentication, session and device management, and lockout after repeated failed logins.
Data residency
Your firm’s data is hosted in the United Kingdom. Any processing outside the UK relies on an approved transfer mechanism. Enterprise firms can move to a fully dedicated database.
Compliance posture
Engineered around UK GDPR, SRA confidentiality duties and NCSC guidance. See our Data Processing Addendum and Privacy policy.
Reliability
We target 99.9% uptime with encrypted backups and recovery procedures. See our SLA and live status page.
Sub-processors
We use a small, vetted set of sub-processors (hosting, payments, email and the integrations you enable), each bound by equivalent data-protection obligations. We give notice before adding a new one.
See the full list →Report a vulnerability
Found a security issue? Report it privately and give us reasonable time to fix it before disclosure — we welcome responsible research. See our Acceptable Use policy.
[email protected] →Questions about security or data?
We're happy to walk your IT lead or COLP through how Fitzentic protects your firm.
Talk to us →