How we protect your data.
EqualBase handles sensitive compensation data for organisations across the EU. Security and data protection are built into the platform from the ground up — here is how.
Last reviewed [ date pending ]Security by design, not bolted on.
The measures below describe how EqualBase is built and operated. Specific standards, versions and figures are confirmed by EqualBase before publishing.
EU data residency
Customer data is hosted within the EU. Hosting region and provider details to be confirmed by EqualBase.
EU hostingEncryption
Data is encrypted in transit and at rest. Specific protocols and key-management details to be confirmed by EqualBase.
In transit & at restAccess controls
Role-based access controls govern who can see and act on data, with least-privilege defaults across the platform.
Role-based accessAudit trails
Activity is logged to support traceability of decisions and calculations — the same evidence trail that makes filings defensible.
Activity loggingGDPR architecture
The platform follows a privacy-by-design posture, with data minimisation and purpose limitation reflected in how it is built.
Privacy by designOperational resilience
Backup and recovery practices protect data availability. Specific RPO/RTO commitments to be confirmed by EqualBase.
Backup & recoveryFound something? Tell us.
We welcome reports from security researchers. If you believe you have found a vulnerability in EqualBase, please contact our security team directly so we can investigate and respond.
Need our security documentation?
Enterprise, Legal and IT teams can request our security pack and talk through data handling with our team — or see the platform end to end in a demo.