Security

How we protect your data.

Encryption in transit

All data transmitted between your browser and Handova is encrypted using TLS 1.2 or higher.

Encryption at rest

All data stored in our database is encrypted at rest using industry-standard AES-256 encryption via Supabase.

Payment security

All payments are processed by Stripe, a PCI DSS Level 1 certified payment processor. We never store card details on our servers.

Access controls

Role-based access ensures team members only see the data relevant to their role. Company data is fully isolated — no company can access another's data.

Authentication

Secure session-based authentication with encrypted tokens. Passwords are hashed using industry-standard algorithms and never stored in plain text.

EU data residency

All customer data is stored on servers located within the European Union, in compliance with UK GDPR requirements.

Found a security issue?

We take security seriously. If you discover a vulnerability, please contact us at hello@handova.co.uk and we will respond within 48 hours.

Contact security team
Built with v0