Trust
Trust Center
Everything your security, privacy and procurement teams need to evaluate LeakIQ, in one place. LeakIQ connects to your financial systems using read-only credentials, encrypts everything sensitive, and keeps your data in the EU. If you need something that is not here — a completed security questionnaire, a signed DPA, or a technical review call — email security@leakiq.io.
Data residency
EU — AWS eu-west-1, Ireland
Encryption
AES-256-GCM at rest · TLS 1.2+ in transit
Data protection
UK GDPR · ICO reg. ZC187738
Connectors
Read-only — no write-back
Penetration testing
Annual · next 14 June 2027
SOC 2 Type II
In progress
Security
Security overview
How LeakIQ keeps your financial systems safe to connect.
Technical documentation
Architecture, connectors, encryption, RBAC, MFA and audit for technical reviewers.
Information Security Policy
The umbrella policy governing how we protect data and systems.
Vulnerability Disclosure Policy
How to report a security issue, and our safe-harbour commitment.
Resilience & operations
Data & privacy
Privacy Policy
What personal data we process and your rights.
Data Processing Agreement
Our processor terms — Schedule 1 of the Master Subscription Agreement.
Data Retention & Deletion Policy
How long we keep each data category, and how deletion works.
Sub-processors
The third parties we use, what they handle, and change notifications.
Legal
Running a vendor review?
We are happy to complete your security questionnaire, provide a signed Data Processing Agreement, or join a technical review call before you connect any systems. We respond within one business day.