Last updated 22 October 2025
1.1 Astute Graphics is committed to protecting customer data and operating the Services securely. This Statement summarises key controls.
2.1 Encryption in transit using HTTPS and at rest using server‑side encryption.
2.2 Access controls, role‑based permissions, and logging across production systems.
2.3 Separation of environments and principle of least privilege for staff access.
2.4 Vulnerability management and patching of supported systems.
2.5 Incident response processes proportionate to our size and risk profile.
3.1 We do not access or read customer Assets under normal circumstances. Disclosure may occur only under a lawful court order.
3.2 No separate service backups exist beyond the Astute Manager Pro Service storage.
4.1 Our main providers include: Paddle (MoR), MailChimp, Capsule CRM, Google (email, analytics, reviews), Zendesk, Databricks, AWS (hosting), XERO (accounting).
5.1 We comply with UK data protection law and the UK GDPR as applicable.