Trust & compliance

Security & Trust

Etainabl is built with security-first principles. We handle sensitive energy and financial data on behalf of our customers, and we take that responsibility seriously.

Data hosting

All customer data is hosted in the UK & Ireland on AWS infrastructure. Data is encrypted at rest and in transit using industry-standard AES-256 and TLS 1.3.

Access controls

Etainabl uses role-based access control (RBAC) to ensure users can only see data relevant to their role and organisation. Audit logs record all significant actions.

Compliance

  • ISO 27001: In progress
  • GDPR: Fully compliant. Data processing agreements available on request.
  • SOC 2 Type II: Roadmap 2025

Penetration testing

We conduct annual penetration testing with an independent third-party security firm. Results are available to enterprise customers under NDA.

Responsible disclosure

If you discover a security vulnerability, please contact security@etainabl.com. We aim to respond within 48 hours.

Questions about security?

Our team is happy to walk through our controls in detail. Enterprise customers can request penetration test summaries under NDA.