you're trusting us with your whole business: your customers, your tickets, your invoices, your passwords. we keep each customer's data separate, encrypted, and logged, and we host it all in the uk. that's the short version.
last reviewed 2026-05-21 · need the detail for procurement? email security@concorbit.com.
every customer is a separate tenant. the platform filters every request to the customer making it, so there's no path that returns someone else's records.
the sensitive parts, like customer details, vault entries and integration logins, are encrypted with a separate key for each customer, and the database sits on an encrypted disk.
sign in with multi-factor and passkeys on every tier, or with your microsoft 365 account at no extra charge. roles and permissions decide who can see what, and you can sign out your active sessions whenever you like.
important actions are recorded in an audit log you can export, and the log is built so quiet edits show up.
everything runs in the uk, over an encrypted connection, with encrypted nightly backups. we act as your data processor; a data processing agreement and the list of services we rely on are available on request.
found something? email security@concorbit.com or read security.txt. we work to a 90-day disclosure window and we won't take legal action against good-faith researchers.
we're an independent uk company, so we'll be straight about what we have and what we're still working on. if a particular certification is a hard requirement for you, ask and we'll tell you honestly whether we're the right fit yet.