We take security seriously. From encryption to blockchain immutability, every layer is designed to protect your business-critical data.
Multiple layers of protection for your peace of mind
All data is encrypted in transit (TLS 1.3) and at rest (AES-256). Your sensitive information is protected with industry-leading encryption standards.
We use Hyperledger Fabric and AWS QLDB to create tamper-proof, immutable audit trails. Once logged, cleaning records cannot be altered or deleted.
Our platform runs on AWS with multi-region redundancy, DDoS protection, and 99.9% uptime SLA. All servers are located in UK data centers.
Role-based access control (RBAC) ensures users only see data they're authorized to access. Multi-factor authentication (MFA) available for all accounts.
We conduct quarterly security audits and annual penetration testing by certified third-party security firms. SOC 2 Type II certification in progress.
24/7 security monitoring with automated threat detection. We have a documented incident response plan and will notify you within 72 hours of any breach.
Cloud Provider: We host all infrastructure on Amazon Web Services (AWS), a leader in cloud security with industry certifications including ISO 27001, SOC 1/2/3, and PCI DSS Level 1.
Network Security: All services run in private Virtual Private Clouds (VPCs) with network segmentation, Web Application Firewall (WAF), and DDoS protection via AWS Shield.
Data Residency: All customer data is stored in UK-based AWS regions (London eu-west-2) to comply with data sovereignty requirements.
Secure Development: We follow secure coding practices (OWASP Top 10) and conduct regular code reviews. All code changes undergo automated security scanning before deployment.
Dependency Management: We use automated tools (Dependabot, Snyk) to monitor and update third-party libraries, ensuring no known vulnerabilities exist in our dependencies.
Authentication: We use industry-standard OAuth 2.0 and JWT tokens. Passwords are hashed with bcrypt (cost factor 12). MFA is available via TOTP or SMS.
Encryption at Rest: All databases use AES-256 encryption. Encryption keys are managed via AWS KMS with automatic rotation every 90 days.
Encryption in Transit: All connections use TLS 1.3 with perfect forward secrecy. We enforce HTTPS everywhere and use HSTS headers.
Backups: Automated daily backups with point-in-time recovery. Backups are encrypted and stored in separate regions for disaster recovery.
Tamper-Proof Records: All cleaning logs are written to Hyperledger Fabric or AWS QLDB, creating cryptographically verifiable audit trails that cannot be altered retroactively.
Audit Trail: Every modification to cleaning records is logged with timestamps, user IDs, and cryptographic hashes. This ensures complete transparency and accountability.
Verification: Clients and auditors can independently verify the integrity of any cleaning record by checking its blockchain entry.
Industry-recognized standards we meet or are working towards
ISO 27001 (in progress)
SOC 2 Type II (in progress)
GDPR Compliant
UK Cyber Essentials
PCI DSS (via Stripe)
AWS Well-Architected
We welcome responsible disclosure of security vulnerabilities. If you discover a potential issue, please email us at security@purehive.com.
We commit to acknowledging your report within 48 hours and providing a detailed response within 7 days. We do not currently offer a bug bounty program but may provide recognition for significant findings.
Our security team is available to answer your questions.
Email Us: security@purehive.com