How we protect your data.

Data hosting

All data is hosted on infrastructure within the United Kingdom and European Economic Area. We do not store personal data on servers located outside the EEA.

Encryption

Data is encrypted in transit using TLS 1.2 or higher. Data at rest is encrypted using AES-256. Backups are encrypted and stored separately from primary data.

Access control

Access to client data within our systems is role-based and limited to staff who need it to deliver the service. We do not sell or share personal data with third parties for marketing purposes.

GDPR compliance

Sales Progressor operates as a data processor under GDPR for personal data you provide about your clients. We maintain a data processing agreement and can provide a copy on request. Refer to our Privacy Policy for full details.

Payments

Payments are processed by Stripe, a PCI DSS Level 1 certified provider. Sales Progressor does not store card numbers or payment credentials on its own infrastructure.

Vulnerability disclosure

If you discover a security vulnerability in our platform, please report it responsibly to security@thesalesprogressor.co.uk. We aim to acknowledge reports within two business days and resolve confirmed issues promptly.