Your data is commercially sensitive.
We treat it that way.
No certifications to wave around yet. Here is what we actually do.
Built on Microsoft Azure.
All data is hosted on Microsoft Azure in EU data centres. We inherit Azure's security controls, compliance certifications, and operational practices. Your data does not leave Europe.
Encrypted in transit
All connections use TLS 1.2 or higher. Data moving between your browser and our servers is encrypted.
Encrypted at rest
Data stored in our databases is encrypted using Azure's storage encryption. We do not hold the keys.
EU data residency
Your data stays in European data centres. No transfers to the US or other jurisdictions with weaker privacy protections.
What we are working toward.
We are a startup. We do not yet have SOC 2, ISO 27001, or other third-party certifications. Those take time and resources we are investing in the product first.
What we can tell you: security is not an afterthought. The architecture is designed for it. As we grow, formal certifications will follow.
If your organisation requires specific certifications before onboarding, talk to us. We are happy to discuss our roadmap and controls in detail.
You decide who sees what.
Product data is competitive intelligence. Supplier relationships are sensitive. We built permissions from the ground up to reflect that.
Granular visibility
Control access at the field level. Share full specifications with one customer, basic details with another.
Access logging
Every view, download, and share is recorded. The "Who's viewed my data" log shows exactly which partners accessed your information, what they looked at, and when.
Role-based permissions
Owners, administrators, and viewers have different capabilities. You control who can do what within your organisation.
Common questions about security and data handling
Where is LinkXG data hosted?
In Microsoft Azure data centres in the European Union, with infrastructure-as-code provisioning and standard cloud isolation between tenants.
How is data encrypted?
In transit using TLS 1.2 or higher, at rest using Azure's storage encryption. We do not hold the keys.
Is LinkXG GDPR compliant?
Yes. LinkXG is operated by Striped Hare Ltd, a UK company subject to UK GDPR. A Data Processing Agreement is available on request.
Does LinkXG hold SOC 2 or ISO 27001 certification?
Not yet. LinkXG is an early-stage company and we are transparent about this. We have implemented the controls these standards require and will pursue certification once our customer base supports it.
Who can see the data a supplier publishes?
Only the customers a supplier has explicitly granted access to, at the field level the supplier has chosen, until the supplier revokes that access.
Where can I see what has been shared with whom?
Every share, access and change is recorded in an audit trail accessible to the supplier from the platform. Buyers see a corresponding record of access on their side.
Questions about security?
We are happy to walk through our approach.