Your data is your business. We treat it that way.
Tidebridge is ISO/IEC 27001 certified. Here's what that means in practice.
Certified, not just careful.
Tidebridge is certified to ISO/IEC 27001:2022 by Insight Assurance, an IAS-accredited certification body. The standard covers how we handle data, control access, manage risk and respond to incidents.
Certificate IS-IA-2026-06-02-01. First issued 2 June 2026, valid to 1 June 2029, with annual surveillance audits. The scope covers our information security management system supporting platform and data infrastructure implementation services for clients.
Our controls are monitored continuously through Vanta, not dusted off once a year for an audit. The certificate itself and our security policies are available on request.
How we work with your data
Three things every client gets, on every engagement:
Your cloud, your data
Everything we build runs in your own cloud environment. Your systems and data stay in your tenancy. We don't host them, and we can't take them with us.
Continuous scanning
Aikido scans our code and infrastructure continuously. Vulnerabilities get fixed as they're found, not collected for a quarterly review.
Annual penetration tests
Independent penetration tests every year on the platforms we run for clients. Findings get fixed, not filed.
Need more detail?
Security teams and due diligence reviewers can request our ISO/IEC 27001 certificate and security policies. Email hello@tidebridge.co.uk and we'll turn it around quickly.
Let's talk
No pressure, no sales pitch. Just a conversation about your data and AI challenges. We can meet at your place, ours, or on Teams.