Security & Compliance

ScanToVerify operates in accordance with recognised international security standards and data protection regulations.
Our systems, processes, and infrastructure are designed to protect the integrity of verification services and safeguard the privacy of all involved parties.

Technical Security Measures

  • Encryption in Transit and at Rest: All data transmissions are protected with TLS 1.2+ and stored using strong encryption standards.

  • Access Control: Multi-factor authentication for administrative access, role-based permissions, and least-privilege principles.

  • Audit Logging: All verification requests and security events are logged and reviewed according to defined policies.

  • Secure Hosting: Systems are hosted in certified European data centres with 24/7 monitoring and physical access restrictions.

  • Resilience: Redundant infrastructure, regular backup testing, and disaster recovery planning.

Compliance Standards

ScanToVerify is committed to full compliance with applicable data protection and operational security regulations.
Our processes are reviewed periodically to ensure ongoing alignment with recognised best practices.

  • GDPR Compliance: All processing activities are governed by the principles of the EU General Data Protection Regulation.

  • Data Minimisation: Only essential information required for verification is processed and displayed to authorised parties.

  • Retention Policy: Verification logs are retained for the minimum necessary period and then securely deleted.

  • Legal Access Requests: Additional data is disclosed only upon valid legal basis and formal authorisation.

Data Protection Principles

  • Transparency: Clear information on how verification data is processed and protected.

  • Security by Design: Security considerations embedded in every stage of system design and development.

  • Data Subject Rights: Requests related to data access, rectification, or deletion are coordinated with the issuing authority.

  • Incident Response: Documented procedures for managing and reporting security incidents in line with legal requirements.

Closing Statement:
This Security & Compliance statement applies to all verification operations carried out on the ScanToVerify platform.
For further details or official enquiries, please contact us.