Is KFactory ISO 27001 certified?

Yes. KFactory holds an active ISO 27001 certification, audited annually by an accredited third party. ISO 27001 is the international standard for Information Security Management Systems (ISMS).

Does KFactory have Cyber Essentials certification?

Yes. KFactory is certified under the UK Government's Cyber Essentials scheme, run by the National Cyber Security Centre (NCSC). The scheme covers firewalls, secure configuration, access control, malware protection, and patch management - preventing up to 80% of the most common cyber attacks.

Is KFactory GDPR compliant?

Yes. KFactory provides full EU GDPR compliance with data residency options, transparent data processing agreements, and the right to data export and deletion at any time.

What encryption does KFactory use?

KFactory uses AES-256 encryption for data at rest and TLS 1.3 for all data in transit. Sensitive information is never stored in plain text.

Does KFactory use customer data to train AI models?

No. Your production data stays yours. KFactory never shares, sells, or uses customer data for AI training. With Intelligence's Bring-Your-Own-LLM model, token usage is billed directly by your chosen LLM provider with no KFactory markup.

How does KFactory handle access control?

KFactory uses role-based access control (RBAC) following the principle of least privilege, multi-factor authentication (MFA), and comprehensive audit logging of all data access events.

Can I export or delete my data from KFactory?

Yes. KFactory provides full right to data export and deletion at any time, with transparent data processing agreements that document how and where your data is stored.

Security & Compliance

Enterprise-grade security,
certified

KFactory is an ISO 27001 and Cyber Essentials certified operations platform with full GDPR compliance. Your production data is protected with the same rigor you apply to your physical operations.

Certifications

Enterprise-Grade Security & Compliance

Your production data is critical. We treat it that way.

🛡

ISO 27001

Certified

International standard for Information Security Management Systems (ISMS). Third-party audited annually.

✓ Systematic risk assessment and treatment of information security risks
✓ Documented security policies, procedures, and controls
✓ Regular internal audits and management reviews
✓ Continuous improvement of security posture
✓ Annual third-party certification audit

81% of enterprises now require ISO 27001 from SaaS vendors as a non-negotiable prerequisite in procurement.

🇬🇧

Cyber Essentials

Certified

UK Government-backed certification (NCSC) - the national baseline standard for cyber security.

✓ Firewalls - security filter between internet and network
✓ Secure configuration - hardened systems, minimal attack surface
✓ Access control - role-based, principle of least privilege
✓ Malware protection - threat detection and neutralization
✓ Patch management - timely updates to close known vulnerabilities

Prevents up to 80% of the most common cyber attacks including phishing, ransomware, and exploitation of known vulnerabilities.

Infrastructure & Data Protection

Enterprise-grade hosting, encryption, and compliance

Built in, not bolted on.

🔐

Data Encryption

AES-256 encryption at rest, TLS 1.3 for all data in transit. Zero plain-text storage of sensitive information.

👥

Access Control

Role-based access, multi-factor authentication, comprehensive audit logging of all data access events.

☁

Cloud Infrastructure

Enterprise-grade cloud hosting with 99.9% uptime SLA, automated backups, and disaster recovery.

🇪🇺

GDPR Compliance

Full EU data protection compliance with data residency options, transparent processing agreements, and right to deletion.

Data Handling

Our Data Handling Commitment

✓ Your production data stays yours - we never share, sell, or use it for training.
✓ Full right to data export and deletion at any time.
✓ Transparent data processing agreements.
✓ Regular penetration testing and vulnerability assessments.
✓ Incident response plan with defined SLAs.

Enterprise-grade security,certified