Skip to main content

πŸ›‘οΈ trumpet Trust Centre

Learn how trumpet protects your data and ensures compliance.

Russell Mitchell avatar
Written by Russell Mitchell
Updated this week

Welcome to the trumpet Trust Centre, your central hub for security, privacy, and compliance information.

We believe trust is earned through transparency. That is why we provide clear, up to date documentation outlining how we safeguard your data, manage risk, and meet regulatory standards.

Our Trust Centre is continuously maintained to reflect our current security posture, compliance status, and operational controls.


Here’s what you’ll find inside:

  • βœ… GDPR compliance and data processing details

  • πŸ” SOC 2 Type II compliance status

  • πŸ“„ Security policies and internal controls

  • πŸ—‚οΈ Subprocessor disclosures

  • πŸ”Ž Risk management and incident response procedures

  • πŸ” Change management and audit logging practices

  • πŸ”‘ Access control and identity management standards

  • πŸ’¬ FAQs for security and privacy reviews

This provides your security and procurement teams with the documentation they need during due diligence and vendor assessments.

Access the Trust Centre here

πŸ” How trumpet secures your data

We implement layered technical and organisational safeguards to ensure the confidentiality, integrity, and availability of your data.

Data Hosting and Residency

All customer data is securely hosted in:

  • Amazon Web Services (AWS) in the Europe region

  • MongoDB Atlas in Ireland

Our infrastructure is designed for resilience, high availability, and compliance with European data protection standards.

πŸ”— For more technical detail, check out: How is my data stored and secured?

Encryption

We follow industry best practices for encryption:

  • All data is encrypted in transit using HTTPS and TLS

  • Data is encrypted at rest within our infrastructure

  • Secure authentication and session management protocols are enforced

Infrastructure and Compliance

trumpet is built on secure, SOC 2 aligned infrastructure providers including AWS and MongoDB Atlas.

Our internal security program includes:

  • Documented security policies

  • Access controls and role based permissions

  • Continuous monitoring

  • Risk assessments

  • Secure development and change management processes

Our compliance posture and supporting documentation can be reviewed in the Trust Centre.

Shared Responsibility Model

Security is a shared responsibility between trumpet and our infrastructure providers.

  • trumpet is responsible for application security, access management, and protecting customer data.

  • AWS provides physical and environmental safeguards for the underlying infrastructure including facilities, hardware, power, cooling, and network controls.

πŸ”‘ Single Sign On and Access Controls

trumpet supports Single Sign On to enable secure and scalable team access.

Benefits include:

  • Centralised authentication via your identity provider such as Google or Okta

  • Simplified user provisioning and deactivation

  • Stronger access governance

  • Improved audit visibility

πŸ”— Set up SSO in minutes: Setting up SSO with trumpet

πŸ“„ Legal and Data Protection

Our legal framework is designed to support compliance with global data protection requirements.

Terms of Service and Privacy Policy
​

These documents outline:

  • How we collect and process data

  • Your rights as a customer

  • Our commitments under GDPR and other regulations

πŸ’‘ Have Questions?

Security is a shared journey. If you or your InfoSec team have any questions, feel free to reach out to our support team or your account manager.

Did this answer your question?