Trust & Safety

Security at Leka Comply

Last updated: 5 July 2026

Where your data lives

Your data is stored in a secure data centre in London, United Kingdom, and is encrypted at all times, both while it is stored and while it moves between your browser and our servers. Our hosting provider is independently audited against leading international security standards, including SOC 2 Type 2 and ISO/IEC 27001.

Keeping your data separate

Your organisation's information is kept completely separate from every other organisation on the platform. Every time anyone asks the platform for information, we check that they belong to your organisation before anything is shared. This separation is enforced in two independent places: on our servers, and inside the database itself. So even if a request somehow slipped past the first check, the database is built to refuse to hand over another organisation's information. Any attempt to reach another organisation's data is simply refused.

How access works

Everyone signs in with their own personal account, and accounts are never shared. What each person can see and do depends on the role your organisation gives them. Before any data is touched, every request is checked on our servers: who you are, which organisation you belong to, what your role allows, and what your subscription includes. If any of these checks fails, the request is refused. Extra sign-in protection for administrators, through multi-factor authentication, is coming soon.

Your data belongs to you

You own your data at all times, and we never sell, rent, or share it with anyone. You can request a full export of your data whenever you like, and you will receive it within 14 days. If you close your account, we keep your data for 90 days so you have time to export it, and then we delete it permanently.

Found a security problem?

If you have found a security problem, please email hello@lekacomply.com and we will respond within 48 hours. We ask that you give us the chance to investigate and fix the issue before sharing it publicly.