Trust Center

Built for firms that can't afford a leak.

Everything about how we host, protect, and stand behind your data — in one place. Fitzentic is engineered around SRA confidentiality duties, UK GDPR and NCSC guidance.

UK-hosted Encrypted Tenant isolation Append-only audit 2FA
How we protect your data

Security that runs through every feature.

Not a bolt-on — the platform is designed around confidentiality from the database up.

Tenant isolation

Every firm is a separate tenant, walled off at the database level with row-level security. One firm can never reach another’s data.

Three layers of access control

Tenant isolation, a full permission matrix, and record-level need-to-know visibility — a fee-earner sees their matters, accounts sees the money, never the confidential diary.

Branch separation

Multi-office firms keep each branch’s clients and matters walled off with the same database-level security.

Encryption everywhere

Data is encrypted in transit (TLS) and at rest. Documents are served only through signed, expiring, access-checked links — never public paths.

Append-only audit

Logins, document access, transfers, payments and permission changes are recorded in a log you can’t silently alter — a regulator-ready history.

Two-factor & sessions

TOTP two-factor authentication, session and device management, and lockout after repeated failed logins.

Data residency

Your firm’s data is hosted in the United Kingdom. Any processing outside the UK relies on an approved transfer mechanism. Enterprise firms can move to a fully dedicated database.

Compliance posture

Engineered around UK GDPR, SRA confidentiality duties and NCSC guidance. See our Data Processing Addendum and Privacy policy.

Reliability

We target 99.9% uptime with encrypted backups and recovery procedures. See our SLA and live status page.

Sub-processors

We use a small, vetted set of sub-processors (hosting, payments, email and the integrations you enable), each bound by equivalent data-protection obligations. We give notice before adding a new one.

See the full list

Report a vulnerability

Found a security issue? Report it privately and give us reasonable time to fix it before disclosure — we welcome responsible research. See our Acceptable Use policy.

[email protected]
Fitzentic Ltd. Registered office: United Kingdom. Contact [email protected].

Questions about security or data?

We're happy to walk your IT lead or COLP through how Fitzentic protects your firm.

Talk to us →

See Fitzentic run your firm

Book a demo