Data security and compliance is important to MyMynd. We are 100% committed to securing our platform and our data.

MyMynd employs industry-standard technologies and services to ensure data is secured against unauthorized access, disclosure, use and loss.

The MyMynd platform is hosted using Amazon Web Services (AWS), primarily in the Europe (London) region.

Under the AWS Shared Responsibility model, AWS is 'responsible for protecting the infrastructure that runs all of the services offered in the AWS Cloud'. This includes:

AWS implements a number of extensive controls to ensure their data centres are secure and resilient by design.

MyMynd is responsible for the security of our platform & applications that run 'in' AWS. We do this through a number of security layers:

All sensitive data stored by MyMynd in AWS is encrypted at rest, this applies to databases, caches and other persistent storage mechanisms e.g. S3.

Data in transit is also encrypted, using HTTPS transport layer security (TLS) encrypted connections.

As well as implementing recommended password complexity requirements for users of the MyMynd platform, we also encourage the use of multi-factor authentication (MFA) where possible.

At MyMynd, we use a number of automated tools and systems to help support our code and development practices to promote secure application development. This includes but is not limited to version control, dependency management, testing & deployment.

As part of our commitment to security, MyMynd has completed the government-backed Cyber Essentials certification. This helps us to ensure we have the necessary technical controls in place to protect our systems and processes against common online security threats.