Published: 19 May 2025
Due For Renewal: 18 May 2026


Aim

The aim of True Compliance's data security policy is twofold. Firstly, to prevent unauthorised access to or distribution of data entered into the application. Secondly, to maintain the persistence, integrity and availability of the data to legitimate users.


Overview

True Compliance is hosted on the Amazon Web Services (AWS) platform. The data is stored in the London data centre. We use the RDS service to provide the database servers, and the S3 service as a file store. Amazon are well known for the high level of physical security they employ at their data centres. It is highly unlikely that any physical theft would happen onsite.

We also hold a replicated copy of the data in a different format on the Atlas MongoDB service, which ultimately also resides in the AWS London data centre.

For our purposes, data comprises the database and the copies of all the certificates that have been loaded into True Compliance.


Access

Users can access the certificates and database data via the frontend application at truecompliance.co.uk. Access to this system is secured via password-protected user accounts. Organisational access is granted centrally by True Compliance at the request of our clients. You cannot sign up online for access. User accounts are removed once no longer active. The True Compliance website is securely hosted over an HTTPS connection. All reasonable attempts are made to protect the site's codebase from malicious external attacks.

True Compliance runs a serverless platform, which guards against the risk of people hacking into the system. Unless we specifically set up the function to allow it, an unwanted external user cannot shell into the running processes (even if we did do this, they would find it extremely difficult, and the process would in any case only live for a few minutes).

Access to the AWS console is limited to the responsible staff within True Compliance, by a user / password combination and MFA. Console access allows viewing of the certificates and S3 content, but does not give server access.


Integrity

To guard against the unlikely possibility of catastrophic failures, True Compliance maintains multiple cross-location backups.

  • Database: True Compliance runs serverless databases, which are constantly replicated. We can restore to any point in time over the previous seven days. We also maintain nightly snapshots from the last week.
  • Certificates: The certificates are stored on S3, which is automatically backed up by Amazon to prevent loss from hardware failure.
  • Codebase: The application codebase is stored in repositories managed by a cloud repository store, as well as on our servers and local development environments.

As a result, True Compliance has no single point of failure when it comes to data integrity.


Archiving / Retention

It is important that we retain the information which is pertinent to the user at all times while ensuring data protection of the client’s customers/residents.

Clients are able to configure their own retention periods in the application. The system will then automatically remove aged data points that go over this limit. The clients can configure this to remove the computed data, just the PDF, or both.


Disaster Scenarios

  • Amazon: The worst-case scenario. If Amazon were to go out of business without warning, or the data centre were to suffer a catastrophic incident, then we can relocate our server base to another AWS location / another server provider entirely. Our codebase is stored with a separate service, and our data can be recovered from external backup.
    • Likelihood of occurrence: Extremely unlikely
    • Potential Data Loss: Up to 24 hours
    • Downtime: Up to 24 hours
  • True Compliance Office: Since the Covid pandemic, True Compliance has been set up to be able to operate on a completely remote working basis. The company operates without a fixed office. If any of the co-working offices we use were flooded, burned down, etc., there would be no effect on service provision at all. The codebase / live servers / data stores are all offsite.
    • Likelihood of occurrence: Unlikely
    • Potential Data Loss: None
    • Downtime: None
  • Repository Provider: If we somehow lost the use of our code repository store as a service provider, this would be the lowest level of risk. We'd just switch to another service, using one of the copies of the codebase available across the live and staging platforms, and also locally available.
    • Likelihood of occurrence: Unlikely
    • Potential Data Loss: None
    • Downtime: None
  • Server failure: True Compliance runs on a serverless platform. This means there are no servers that require maintenance, and each request is handled in a standalone process that is discontinued once completed. This means no persistent data is stored on the process, and new “servers” are spun up and down constantly. Server failure is not an issue.
    • Likelihood of occurrence: N/A
    • Potential Data Loss: None
    • Downtime: None
  • Database failure: Although the database is also running on a serverless platform, it is slightly different. There is no single point of failure for the DB, and if one of the nodes fails it is automatically replaced. This happens in the background without any noticeable effect. However, it is conceivable, if very unlikely, that we may have to restore the DB cluster if there is an issue. In such a scenario, left with no DB, the live application will stop working and need to be brought down for maintenance. A new DB server will be restored from the saved snapshots.
    • Likelihood of occurrence: Very Unlikely
    • Potential Data Loss: Up to ten minutes
    • Downtime: Up to two hours

GDPR Appendix

Personal data stored on True Compliance is limited solely to the names (and sometimes telephone numbers) of residents, and the address to which that name is associated.

This data is acquired from our clients, who have the legal right to compile and hold information about their residents and use third party systems to administer that data.

True Compliance does not, and will never, share any information held on our servers with any party except the client that put it there, as part of their normal business practices.

If a resident makes a specific request to us at support@truecompliance.co.uk, we will remove their name / number from the system within 10 working days, except in cases where doing so would be in breach of our client's legal right to retain this information, and they have specifically asked us not to. Either way the resident shall be informed.

True Compliance does not share, process, profile or track any of the residents whose names are stored, nor do we have any mechanism by which we could do this. The residents' names are not matched to any other dataset, and exist only as a data point against the specific compliance record / property loaded into the system.

As the personal data is limited to named social housing tenants, there is no data relating to children in the system.

We do not collect data relating to financial payments, medical issues, sexual orientation, religious affiliation, or indeed any personal information apart from that noted above.


© 2025 Graeme Kilkenny