Trust & Security at Rivelin

Last updated 22 April 2025 — next update due May 2025

GDPR compliance
Rivelin meets the UK GDPR and Data Protection Act 2018. All personal data is processed exclusively in our Amazon AWS eu‑west‑1 (Dublin) region, encrypted in transit (TLS 1.3) and at rest (AES‑256). We act as a data processor; customers retain full data‑controller rights. See our draft Data Processing Agreement (v0.9) for details.

Compliance roadmap

• Cyber Essentials Plus audit booked — Q4 2025 (IASME)
• ISO 27001 certification in progress — target Q4 2025

Questions? Email security@rivelin.io