Skip to main content

Security FAQs

Where is my data stored?

All customer data is securely stored in Microsoft Azure’s UK South data centre. This ensures that your data remains within the UK, benefiting from Azure’s world-class security, compliance certifications, and physical safeguards.

How secure are integrations with our existing systems?

We take integration security seriously. All integrations with your existing systems (e.g., CRM, ERP) use:

  • OAuth 2.0 tokens for secure authorisation
  • Encrypted API traffic (TLS 1.2+) to prevent interception
  • No password storage — ever
  • Strict permissions to ensure we only access what’s necessary for functionality

Before any integration is deployed, we conduct internal security reviews to ensure compliance with ISO27001 controls.

Do you offer Single Sign-On (SSO)?

Yes — we support Single Sign-On (SSO) via SAML or OAuth, depending on your identity provider. SSO helps you manage access securely and easily, reducing password fatigue for your team.

If you’d like to enable SSO for your account, please contact your account manager or support team.

How often do you test for vulnerabilities?

Security testing is an ongoing priority at BidScript. We conduct:

  • Regular third-party penetration tests to identify vulnerabilities before attackers can
  • Internal security reviews and audits aligned with our ISO27001 obligations
  • Continuous monitoring for emerging threats and system anomalies

What happens if there’s a data breach?

We have a formal Incident Response Plan as part of our ISO27001 Information Security Management System (ISMS). In the unlikely event of a data breach:

  1. Immediate response to contain and assess the issue
  2. Root cause analysis to prevent recurrence
  3. Transparent communication to affected customers within legally required timeframes
  4. Regulatory notifications if applicable

Your security is our responsibility, and we take that obligation seriously.

Can we request a copy of your security policies?

Absolutely. We provide summarised versions of key security policies upon request.
If you require additional details for due diligence or procurement purposes, please contact us at [security@bidscript.co.uk] and we’ll be happy to assist under a mutual NDA where appropriate.

Was this article helpful?