Security & Data Protection

How heliguy.io protects operational records and compliance records. Security information last reviewed: March 2026

Robust platform security infrastructure

Modern security practices to ensure your data remains secure, controlled, and accessible

  • Cyber Essentials certified

    Certified cyber-security controls aligned with UK government standards.

  • UK-hosted infrastructure

    Operational records stored within UK-based hosting infrastructure.

  • Secure authentication & access control

    Authentication powered by Clerk (SOC 2 Type II compliant) with role-based access control.

Data hosting and encryption

How heliguy.io protects operational records in storage and during transmission.

  • Data hosting

    Operational data is stored within heliguy’s UK-based hosting infrastructure, supporting organisations that require UK data residency.

    Encryption

    All connections to heliguy.io are protected using TLS encryption. Stored data is protected using industry-standard encryption.

    Activity tracking & audit trail

    Activity tracking & audit trail

    Visibility into operational record updates and platform activity.

    Operational documentation supports traceability and oversight across teams and operations.


    The platform maintains:

    • Activity tracking of key platform actions.
    • Version history for documentation updates.
    • Visibility of changes to operational records.

    These controls support accountability across teams and operations.

    Data ownership and control

    Data ownership and control

    Operational records remain under your control with export and deletion options.

    You retain full ownership of the operational and compliance data stored in the platform.

    Export operational records and reports at any time.


    If you delete your account:

    • Operational records remain accessible for 30 days.
    • Reports can be retrieved during this period.
    • Data is permanently removed after the retention period.

    Operational safeguards

    Supporting controls that protect data, ensure resilience, and maintain transparency.

    • Backups and resilience

      Operational data is backed up regularly to protect against loss and support recovery.

    • Subprocessors

      Trusted infrastructure providers, including Clerk, support core platform functionality and security operations.

    • Data protection

      heliguy.io supports organisations operating under UK GDPR and GDPR data protection requirements.

    Security documentation

    Need a Data Processing Agreement (DPA), Data Protection Impact Assessment, (DPIA), or security questionnaire? Our team can provide the documentation you need.