Your Security is part of our DNA

High security, guaranteed compliance and audit trail come as standard with NorthRow. We handle the personal data of thousands of records for our clients, and we recognise the importance of keeping it safe


We’re happy to answer any questions you may have and have started the ball rolling below. If you need any other information please get in touch.

  • What do you do with our data?

    At NorthRow we take security very seriously, we adhere to the highest, rigorous standards for data, privacy and security compliance. The data you send us is only used to verify your client’s identities and businesses. We never use it for any other purpose. We send it to third parties to complete the checks, and we can share our list of sub-processors with you so that you have full transparency of how your data is used.

  • How do you test your services?

    Our products are tested continuously throughout our development process by a team of internal QA engineers. In addition to the application testing we regularly scan for vulnerabilities using third party services and undertake annual detailed penetration testing. We continually monitor new vulnerabilities and proactively work to ensure that we are protected.

  • Where is our data held?

    We host our services within the EU on Amazon Web Services. The data is encrypted in transit and at rest using AES-256 keys. Almost all of our sub-processors are also hosted within the EU. However, we will advise you if you need a service that is not based in the EU.

  • What about service availability?

    NorthRow makes use of the Amazon Web Services and Microsoft Azure to ensure we do not have a single point of failure in our architecture. All the data we hold and the services we provide are backed up at regular intervals to protect against disruption or loss of data.

  • What assurances do you provide?

    We provide multiple independent assurances to ensure your data is safe. We are independently audited and certified for ISO 27001 and Cyber Essentials Plus. We carry out full penetration tests at least once a year, and perform regular vulnerability scans across all services. Every release is subjected to multiple rounds of automated and manual testing. We also benefit from the assurances of our cloud providers. You can read more about the security of the AWS cloud here

Compliance certifications and regulations

ISO27001 logo

We’re happy to answer any questions you may have, and have started the ball rolling below. If you need any other information please get in touch.