SwiftCase

Securityyoucanprove.
Notjustclaim.

Cyber Essentials certified. ISO 27001 hosting. UK data centres only. Your data stays where it should, under your control and protected by real security measures.

Certifications

Credentials that matter.

We don't just say we're secure. We prove it with recognised certifications.

Certified

Cyber Essentials Certified

Government-backed certification for cyber security. Passed, not pending. We meet the baseline for protecting against common cyber attacks.

Compliant

ISO 27001 Hosting

Our infrastructure is hosted in ISO 27001 certified data centres. The international standard for information security management.

Compliant

GDPR Compliant

Built for UK and EU data protection requirements. Data processing agreements, subject access requests, and right to deletion built in.

Data Protection

How we protect your data.

UK Data Residency

Your data stays in the UK. Not routed through servers abroad. Not stored in jurisdictions with different data laws. UK data centres only.

Encryption at Rest

All data encrypted when stored. AES-256 encryption. Even if someone accessed the physical storage, your data would be unreadable.

Encryption in Transit

TLS 1.2+ for all connections. Your data is encrypted between your browser and our servers. No exceptions.

Role-Based Access

Control who sees what. Granular permissions by role, team, or individual. Users only access what they need.

Audit Logging

154+ event types logged. Every login, every change, every access. Full trail of who did what and when. Exportable for compliance.

API Security

API keys with granular permissions. Rate limiting. IP allowlisting available. Secure integration without exposing your system.

Access Control

Control who accesses what.

Granular permissions. Multi-factor authentication. IP restrictions. You decide who gets in.

Two-Factor Authentication

Optional 2FA for all users. TOTP-based. Add an extra layer of security to every login.

IP Restrictions

Restrict access by IP address or range. Lock down access to your office network if required.

Session Management

Automatic session timeout. Force logout across devices. See active sessions and revoke access.

Data Isolation

Each customer's data is logically isolated. No cross-tenant data access. Your data is yours alone.

Audit Trail

154+ event types. Full history.

Every action logged. Every change recorded. When auditors ask what happened, you have the answer. Exportable reports for compliance reviews.

User login and logout
Password changes
Permission changes
Record creation and updates
Document generation
Email sends
API calls
Workflow executions
File uploads and downloads
Data exports
Configuration changes
Integration activity
Audit Log
14:32:01
Updated case CLM-2024-001
Sarah M.
14:31:45
Generated settlement_letter.pdf
System
14:30:22
Logged in from 192.168.1.100
Sarah M.
14:28:15
Exported contacts report
James K.
14:25:00
Workflow 'Case Closure' executed
System

Our security commitment.

What we promise you.

No data selling

Your data is yours. We don't sell it, share it, or use it for anything except running your system.

Transparent incidents

If something goes wrong, you'll know. We disclose security incidents promptly and clearly.

Regular testing

Ongoing security assessments. We don't set and forget. We continuously improve.

UK-based support

Security questions answered by real people in the UK. Not outsourced, not scripted.

Questions about security?

We're happy to discuss our security measures, provide documentation for your compliance team, or answer specific questions about how we protect your data.