Connexis.
Trust & Compliance

Security, privacy and compliance — built into the platform.

Connexis Group is the routing infrastructure behind regulated UK financial brands. This page is the single source of truth for how we protect your data, your customers' enquiries, and your reputation.

security@connex.is Live status
Corporate

Who we are

Legal entity: Connexis Group Ltd
Company number: 17214446
Registered office: 71-75 Shelton Street, Covent Garden, London, WC2H 9JQ, United Kingdom
Jurisdiction: England & Wales
ICO registration: ZC148599
Data Protection contact: legal@connex.is
Compliance posture

Standards we align to

  • UK GDPR aligned Live
  • ICO registration ZC148599 Live
  • FCA-aware lead workflows (CONC, MCOB, ICOBS) Live
  • TrustedForm / consent token capture Live
  • Encryption in transit (TLS 1.3) and at rest (AES-256) Live
  • Daily encrypted backups, 30-day retention Live
  • Quarterly penetration testing Live
Security

Four pillars holding up the platform.

Encryption

  • TLS 1.3 in transit (HSTS preloaded)
  • AES-256 at rest on all primary stores
  • Per-publisher API key hashing (SHA-256)
  • Webhook payload HMAC signing available

Access control

  • Role-based access (4 roles, 12+ permissions)
  • Two-factor authentication available on every account
  • Required on all admin accounts
  • All admin actions audited and timestamped

Infrastructure

  • EU-West (Ireland) primary region
  • Daily automated backups, 30-day retention
  • Cloudflare WAF + DDoS protection
  • No public database endpoints

Monitoring

  • 24/7 platform health monitoring
  • Anomaly alerts for unusual ingestion patterns
  • Quarterly penetration testing
  • Continuous vulnerability scanning
Sub-processors

Every third party we use, and what they do.

We notify all customers 14 days before adding or changing any sub-processor.

Sub-processorPurposeRegionPolicy
MongoDB AtlasPrimary databaseEU-West (Ireland)View
Stripe Payments UKCard payments + Connect payoutsUK / EUView
AnthropicAI inference (Claude)US (zero-retention)View
OpenAIAI inferenceUS (zero-retention)View
Google Cloud (Gemini)AI inferenceEU / USView
CloudflareCDN / WAF / DDoSGlobal edgeView
Policy documents

Read the legal pages.

Privacy PolicyCookie PolicyBuyer TermsPublisher TermsAffiliate TermsData Processing AgreementAcceptable Use Policy

Found a vulnerability?

We welcome responsible disclosure. Send details to security@connex.is. We acknowledge within 24 hours and aim to triage within 72.