At Trace® we believe trust is everything in the global digital economy. It’s what relationships are based on; it’s the bedrock of business, of decisions, of good risk management. And trust has never been more important when it comes to the secure and accountable handling of data in robust infrastructure. Trace® is a certified Crown Commercial Service supplier, built on Security by Design principles. Compliance is at the heart of everything we do.
how we keep your data secure
Trace® is committed to being a custodian of your information and we are driven to empower trust at your organisation by helping you protect the data that matters. Learn more about how we use the right technical and organisational measures to look after your information:
compliant by design
We’re experts in international privacy regulations like the GDPR, so as you’d expect, we take a rigorous approach to our own compliance. Using the Trace® platform helps ensure we embed compliance into operations by keeping our data map up to data as a living inventory and audit.
Our whole approach is informed by an ethos of privacy and accountability which forms the bedrock of our purpose.
privacy by design
Trace® has been built for privacy and risk mitigation—minimising data collection and duplication—focusing on the meta data. This means that when you use our software, we won’t ask you for any customer data; rather, we’ll only ask you for your information to run your account.
Our approach is Privacy By Design. Read more in our Privacy Promise.
leading security
We never compromise on security. Our platform is built on Microsoft Azure infrastructure with state of the art, multi-layered security. This means when using your Trace® account, your in-app account data is securely hosted in the UK and all personal data is encrypted at rest and in transit.
And when it comes to transactional data, if you choose to pay for your Trace® subscription online, we use the Stripe payments platform, which is certified PCI Service Provider Level 1—the most stringent industry level.
vetted partners
You’re only as strong as your weakest link. That’s why due diligence on third party processors is critical.
Trace® helps you assess your data processors’ compliance posture by helping you check whether data is being processed in a an adequate country; and that they have the right contractual, organisational and technical measures in place to safeguard data.
We also carefully vet our own partners. For details of sub-processors see our Terms of Service.