Security

Overview

Amondo is committed to maintaining a secure and compliant platform for all customers and users. We follow industry best practices across infrastructure, data management and organisational processes to ensure the confidentiality, integrity and availability of all data handled by the Amondo platform.

Amondo Ltd is registered with the Information Commissioner’s Office (ICO) under the Data Protection Act.

ICO Registration Number: ZA365772

Infrastructure security

Amondo's core platform operates on ISO 27001–compliant infrastructure provided by Heroku and Amazon Web Services (AWS). All infrastructure and sub-processors used by Amondo meet equivalent standards such as ISO 27001, SOC 2 or PCI DSS.

Most core systems are hosted within the European Economic Area (EEA). Where data is processed outside of the EEA, EU Standard Contractual Clauses (SCCs) or equivalent safeguards are applied to ensure GDPR compliance.

Amondo's content delivery and security layers are supported by Cloudflare, which provides a Web Application Firewall (WAF) and Content Delivery Network (CDN) certified under ISO 27001, SOC 2 and PCI DSS.

Organisational and technical measures

Amondo maintains documented policies and controls that govern how data and systems are protected.

These measures are governed by Amondo’s internal Information Security Policy, which applies to all personnel and operations.

Compliance

Amondo’s security and privacy practices align with GDPR and internationally recognised security frameworks. All core infrastructure providers hold certifications such as ISO 27001 and SOC 2.

Reporting

To report a potential security issue or concern, contact [email protected]. Amondo encourages responsible reporting of potential vulnerabilities and reviews all submissions in line with its internal security response process.