Security and compliance

Understand how we protect your data and support your legal and regulatory requirements.

Enterprise customers trust our robust security practices, industry-recognised controls, and ongoing compliance programs.

Our compliance frameworks

We comply with key standards that matter to our customers and their stakeholders.

Cyber Essentials

Nexudus is certified under the UK Government-backed Cyber Essentials scheme. This demonstrates that we have implemented essential technical controls to protect against common cyber threats, including secure configuration, access control, malware protection, and network security.

SOC 2

We comply with the SOC 2 framework, which assesses how organisations manage and protect customer data. Our controls are designed in accordance with the SOC 2 Security Trust Services Criteria.

GDPR

Nexudus complies with the General Data Protection Regulation (GDPR). We process personal data lawfully, fairly, and transparently, and we support core data subject rights such as access, rectification, and deletion.

PCI Data Security Standard (PCI DSS)

Nexudus complies with the Payment Card Industry Data Security Standard (PCI DSS). This demonstrates that we follow established security controls to safeguard payment card information, including secure handling of cardholder data, restricted access, encryption, and ongoing monitoring of our payment environment.

Contact us

We maintain an ongoing commitment to security practices. We regularly assess and update our security protocols to address emerging risks and maintain and ensure your data remains protected.

If you have any questions, please reach out to security@nexudus.com.

For further details on data protection and privacy, please refer to our Privacy Policy.