Data security and privacy

Our infrastructure provider is ISO 27001 and SOC Type 2 compliant. We employ top-tier storage from Amazon Web Services that meets government and corporate security requirements.

Granular authorisation settings allow admins to control what users can view and modify. Tailor access for every stakeholder, from employees and advisors to lawyers and investors.

Any information transferred to and from your Capdesk account is in safe hands. We guarantee end-to-end TLS 1.3 encryption of your data, at rest and in transit.

All platform data is encrypted and continuously backed up, so your records can be restored in an emergency. We regularly test our data retrieval processes to minimise recovery time.

Our strong password policy safeguards all admin and user accounts. Two-factor authentication can be enforced company-wide to provide further protection.

Our privacy policy guarantees end-user confidentiality. We will never contact a stakeholder without consent, nor share personal data with third parties.

Our secure data registry framework was developed in consultation with top law firms. Customer data is stored in Europe and Ireland, and handled in compliance with GDPR.

We use best-in-class monitoring tools to block malicious intent and have never had a security breach. We run regular internal audits and annual independent penetration tests.

We know that downtime is wasted time, so we’ve built a reliable platform. Live system performance updates are publicly available on the Capdesk status page.