Security & compliance
Designed for a regulated environment
Client data deserves care. ProSuitability is built around the advice process, with controlled access and auditable actions. We describe what we do plainly — and never imply a compliance guarantee.
Access control
Role-based access for advisers, paraplanners and firm admins. Each user sees only what their role permits.
Auditability
Significant actions across the workflow — case changes, sign-off, exports — are recorded with a timestamp and user.
Data hosting
Hosted on DigitalOcean App Platform in the UK (London region). Data does not leave UK data centres.
Encryption
All traffic encrypted in transit with TLS 1.2+. Data at rest encrypted on DigitalOcean managed Postgres.
Retention
Firm data is retained for the life of your subscription. After lapse there is a 90-day read-only window, after which data can be deleted on request.
Sub-processors
DigitalOcean (hosting and managed database), Stripe (payment processing), Resend (transactional email). No other sub-processors access client data.
Questions about data safety?
Book a demo and we'll walk through how your firm's data is handled.