Security Policy
At Nothreat, the security of our customers’ data is a core priority. We are committed to protecting information with high standards of confidentiality, integrity, and availability. To support this commitment, we follow the GDPR, ISO 27001, and SOC2 frameworks and continuously review and improve our security practices.
Information Security Management
We operate an Information Security Management System (ISMS) designed in alignment with GDPR, ISO 27001, and SOC2 requirements. Our ISMS includes our policies, procedures, and security controls across people, processes, and technology. To support this, we use Vanta to help monitor and maintain our ISMS by automating control monitoring, evidence collection, and security alerts. Security responsibilities are clearly defined, and employees receive regular training to ensure they understand data protection, secure handling of information, and incident reporting processes.
Data Protection and Privacy
We only collect data that is necessary for delivering and improving our services. All customer data is encrypted in transit and at rest using industry-standard encryption methods. Access to data is restricted, logged, and only provided to authorized personnel when required for their work. We comply with applicable privacy regulations and are committed to handling customer information lawfully, transparently, and securely.
Secure Infrastructure
Our platform is hosted on trusted cloud providers with strong physical and digital safeguards. Infrastructure is configured according to best practices, including network segmentation, firewalls, strict access controls, and continuous monitoring. Backups are performed regularly and securely stored to ensure data remains available and recoverable in the event of an incident.
Access Control and Identity Management
We apply the principle of least privilege to all systems. Multi-factor authentication is required for internal access, and administrative permissions are closely controlled. Access rights are reviewed regularly and revoked when no longer needed.
Monitoring and Incident Response
We continuously monitor our systems for threats, vulnerabilities, or unusual activity. In case of an incident, we follow a documented response plan to identify, contain, and resolve the issue. Afterward, we perform root-cause analysis to prevent recurrence. If a security or privacy incident affects customer data, we notify impacted parties in accordance with legal and contractual obligations.
Risk Management and Continuous Improvement
Security risks are regularly identified, assessed, and mitigated. We perform internal reviews and vulnerability assessments, and we evaluate third-party tools and vendors, to maintain a high security standard. We continuously improve our processes based on audit results, security tests, and customer feedback.
Third-Party Vendors
We assess and monitor third-party vendors to ensure they meet security and compliance requirements. Data shared with vendors is minimized and governed by contractual agreements to maintain confidentiality and protection.
Commitment to GDPR, ISO 27001 and SOC2
Nothreat is committed to aligning with GDPR, ISO 27001 and SOC2 standards. This includes maintaining structured policies, conducting regular risk assessments, and integrating security into every stage of our operations. Our goal is to achieve and sustain certification through continuous improvement.
Contact
If you have any questions about our security practices or wish to report a concern, please contact us at info@nothreat.io.