Security

How we keep your numbers safe.

In plain English, not a compliance PDF. Here's exactly how your data is handled, kept apart, and kept safe.

Live today

Your data, kept apart

Every client's records live in their own separate database space and their own document storage area. There's no shared pot of data, and nothing in the code lets one client's records be queried alongside another's. It's built apart at the foundations, not switched apart by a setting someone could flip by mistake.

Read-only, until you say otherwise

Alfred reads your books and your bank; he doesn't write to them. Nothing gets sent, filed, booked or chased until you approve it in Govern. Every approval is yours to give.

Every action logged

Every figure Alfred surfaces and every action he takes is logged and time-stamped. Your accountant, a regulator or an insurer can see exactly who approved what, and when.

Encrypted, always

Your data is encrypted in transit and at rest, end to end.

Hosted in the EU

Our database is in London; documents are stored in EU-region storage.

Never used to train AI models

Your figures answer your questions and build your findings. They're never used to train the AI models behind Alfred, ours or anyone else's. Calls to those models run on standard commercial terms, not the terms that let a provider learn from your data.

One gateway, every model call logged

Alfred calls AI models through a single internal gateway rather than talking to a provider directly, so every call is logged, rate-limited and can be swapped out if it ever needs to be.

Deterministic checks before anything reaches a human

The checks that matter most, spotting conflicting figures, assembling your pack, and catching anything that strays into regulated advice, run in code, not in a model's guess. They happen before a finding ever reaches you or your accountant.

On the roadmap

We're a young company being upfront about where we are. These are targeted or in progress, not live yet:

ISO 27001Targeted
SOC 2 Type IIIn progress
Cyber EssentialsPlanned

Report a security concern

Found something that shouldn't be possible? We want to know before anyone else does. Email ceo@alfredanswered.com with what you found and how to reproduce it. We'll acknowledge your report, keep you updated while we fix it, and won't take action against anyone who reports a genuine issue in good faith and gives us a reasonable chance to fix it first.