Security, compliance, and reliability — documented.
Certifications
ISO 27001
International standard for information security management systems. Covers the policies, procedures, and controls governing how we manage and protect information assets.
SOC 2 Type II
Third-party audit of our security, availability, and confidentiality controls over a sustained period. Report available under NDA for enterprise evaluations.
PCI-DSS Level 1 Service Provider
The highest level of PCI compliance for service providers. Status and badge to be added when achieved.
Cyber Essentials Plus
UK government-backed certification confirming technical controls against common cyber threats. Independently assessed.
NIS2 Aligned
CrownWall's platform and operational processes are aligned with the requirements of the EU NIS2 Directive for digital service providers.
ISO 27701
Privacy information management system standard, extending ISO 27001 with privacy-specific controls. Status to be confirmed.
How we protect the platform that protects yours.
Infrastructure security
All CrownWall infrastructure runs on hardened, patched systems with access limited by role and enforced by multi-factor authentication. All changes are logged and reviewed.
Data handling
Customer traffic data is processed only in the regions specified in your service agreement. No customer data is used for training, sold to third parties, or accessed without your authorisation.
Vulnerability management
We operate a continuous vulnerability disclosure programme. Security patches are applied on a defined schedule. Critical patches applied within 24 hours of availability.
Operational commitments.
Starter
Business
Professional
Enterprise
Report a security vulnerability.
Coordinated disclosure
Please include clear reproduction steps, affected URLs, and any supporting evidence so our security team can investigate quickly.