Built on trust, secured by design
Your people's data is the most sensitive data there is. We care about protecting it, we comply with the standards that govern it, and we are formalising every certification along the way.
Standards we comply with
A layered set of compliance and security commitments across our team, our suppliers, and the product itself.
GDPR — Team & Suppliers
Full GDPR compliance applied uniformly across our own team and every contracted sub-processor, with DPAs in place and equivalent obligations cascaded down.
EU AI Act
Adaptive Leadbacker Intelligence (ALI) is designed to meet the EU AI Act — transparent, auditable, and operating within documented boundaries.
Standard Contractual Clauses
EU Standard Contractual Clauses are in place for any data transfer involving processors outside the EEA, ensuring lawful cross-border data flows.
ISO 27001
Our information security management is aligned to ISO 27001 controls, with formal certification work currently in progress.
Anonymity by design
A configurable multi-threshold setting (minimum 3 responses by default) ensures feedback can never be traced back to an individual.
EU-based hosting
Data is processed and stored within EU-based infrastructure, keeping it inside European data-protection jurisdiction.
How we protect your data
The technical and organisational measures that sit behind every Leadbacker workspace.
Encryption in transit & at rest
All traffic is encrypted with TLS and data is encrypted at rest.
Role-based access control
Granular, role-based permissions ensure people only see what they are entitled to.
Anonymity thresholds
Configurable response thresholds protect individual identities in every result.
EU infrastructure
Hosted on hardened, EU-based infrastructure with isolation between workspaces.
Backups & recovery
Regular encrypted backups support reliable recovery and business continuity.
Audit logging
Security-relevant events are logged to support traceability and accountability.