Grantbridge UK

    Security & Data Protection

    How we protect your data and maintain the highest security standards

    GrantBridge is fully GDPR compliant and uses industry-standard security measures to protect your business information.

    TLS/SSL Encryption

    All data transmitted between your browser and our servers is encrypted using Transport Layer Security (TLS) 1.3, the latest industry-standard encryption protocol. This ensures your information cannot be intercepted during transmission.

    Secure Database

    Your data is stored in Supabase, a secure PostgreSQL database with enterprise-grade security features including Row Level Security (RLS) policies, encrypted backups, and automatic security updates.

    GDPR Compliance

    We fully comply with UK GDPR and Data Protection Act 2018. You have complete control over your data with rights to access, export, rectify, and delete your information at any time through your account settings.

    Access Controls

    We implement strict role-based access controls and authentication systems. Only you can access your business profile, grant matches, and application data. Administrative access is logged and audited.

    Our Data Protection Practices

    How we handle and protect your information

    Data Minimization

    We only collect data necessary to provide our grant matching services. We don't collect unnecessary personal information.

    No Third-Party Sharing

    Your business data is never sold or shared with third parties for marketing purposes. We only share data when you explicitly choose to apply for a grant through a provider.

    Regular Security Audits

    Our infrastructure undergoes regular security reviews and we promptly apply security patches and updates.

    Cookie Consent & Analytics

    We provide granular cookie consent controls and only track analytics with your explicit permission. Essential cookies for site functionality are always active.

    Secure Authentication

    We use Supabase Auth with industry-standard authentication protocols. Passwords are hashed using bcrypt and we support secure authentication methods.

    Data Retention

    We retain your data only as long as necessary to provide our services. You can request deletion of your account and all associated data at any time.

    Your Data Protection Rights

    Rights guaranteed under UK GDPR and Data Protection Act 2018

    Right to Access:Request a copy of all your personal data we hold
    Right to Rectification:Correct inaccurate or incomplete data
    Right to Erasure:Request deletion of your personal data
    Right to Restriction:Limit how we process your data
    Right to Portability:Receive your data in a machine-readable format
    Right to Object:Object to certain types of processing
    Transparency Notice: While we implement robust security measures, no system is 100% secure. We are committed to maintaining the highest security standards and will notify you promptly in the unlikely event of any security incident.

    Questions About Security?

    Get in touch with our data protection team

    For security or privacy-related inquiries, or to exercise your data protection rights:

    Data Protection Officer

    Email: privacy@grantbridge.uk

    Response time: Within 48 hours for security matters, 30 days for GDPR requests

    See also: Privacy Policy | Cookie Policy | Terms of Service

    Last updated: November 2024

    We use cookies to improve your experience.