Transparency, security, compliance.
Zerix is committed to transparency, security and compliance across all aspects of our platform. Each of our policies is published in full below.
- Security Overview
How Zerix protects customer data: data residency, encryption, authentication, backups, monitoring and responsible disclosure.
- Privacy Policy
How Zerix collects, uses and protects personal data in accordance with UK GDPR and the Data Protection Act 2018.
- Data Security Policy
Technical and organisational controls Zerix applies to protect client data at rest, in transit and in operation.
- System Access & Authentication Policy
Who is allowed access to Zerix systems and databases, and the controls in place to enforce least privilege.
- Acceptable Use Policy
What is acceptable when using the Zerix platform, and what is not.
- Backup & Recovery Policy
How Zerix backs up production data, where backups are stored, and the recovery objectives the service is engineered against.
- Business Continuity Policy
How Zerix maintains service availability in the event of disruption, and how customers are kept informed.
- Change Management & Deployment Policy
How code changes, database migrations and platform updates are tested, approved and released into production.
- Data Retention & Deletion Policy
How long Zerix retains customer data, when it is deleted, and how clients can request earlier removal.
- Incident Response Policy
What happens at Zerix in the event of a security incident or data breach: detection, containment, notification, remediation.
- Cookie Policy
What cookies and similar technologies Zerix uses on zerix.co.uk, why we use them, and how you can manage them.
- Software & Infrastructure Policy
The platform technology and operational infrastructure Zerix runs on.
Policies last reviewed October 2025. Named sub-processors and full technical stack disclosed to commercial customers under NDA in the Data Processing Addendum.