Skip to main content

How We Protect Your Data

At BidScript, we know that trust is earned. And nothing is more important to us than protecting the data you share with us. When you use BidScript, you’re not just trusting us with your proposals - you’re trusting us with your reputation, your strategy, and your business-critical work.

That’s why security isn’t something we add on - it’s something we build in.

Secure by Design

From the ground up, BidScript’s architecture has been developed with security at its core. We follow industry best practices, shaped by our ISO27001 accreditation - the internationally recognised gold standard for information security.

  • Role-based access controls (RBAC): Only the right people can access the right data at the right time.
  • Principle of least privilege: Every permission is intentional, never excessive.
  • Segregated environments: Your data is isolated in secure environments with strict boundaries between development, testing, and production systems.

Encryption at Every Step

We don’t take shortcuts when it comes to encryption.

  • In transit: All data is encrypted using TLS 1.2+, ensuring that anything you send to or from BidScript is protected from interception.
  • At rest: Stored data is encrypted using AES-256, one of the strongest encryption standards available today.
  • Backups: Encrypted backups ensure your data is safe, even in worst-case scenarios.

Internal Security Practices

Our security isn’t just technical — it’s cultural.

  • Staff vetting: All team members undergo thorough background checks before joining BidScript.
  • Security awareness: Every employee receives ongoing training on secure practices, including how to handle sensitive data.
  • Need-to-know basis: Only essential personnel have access to sensitive systems and information.

Working with Third Parties

BidScript integrates with other systems to make your work easier - but never at the expense of your security.

  • Every third-party provider we use is carefully vetted for security, privacy, and compliance.
  • We maintain strict Data Processing Agreements (DPAs) with all relevant suppliers.

Ongoing Commitment

Security isn’t a one-time project - it’s an ongoing responsibility. We regularly:

  • Conduct third-party penetration tests to proactively find and fix vulnerabilities.
  • Review and improve our security policies in line with emerging threats and best practices.
  • Monitor our systems 24/7 for suspicious activity or anomalies.

 

Please visit our trust centre for more details: https://trust.bidscript.co.uk/

Was this article helpful?