Security
Enterprise-grade security protecting your data at every level.
Last updated: December 2025
Our Security Commitment
At Revue-ai, security is foundational to everything we do. As a UK-based company handling sensitive business documentation, we understand the critical importance of protecting your data. We have implemented comprehensive security measures across our entire platform to ensure your information remains confidential, secure, and under your control.
Security Features
Encryption
All data is encrypted both in transit and at rest using industry-standard encryption: TLS 1.3 for data in transit and AES-256 for data at rest, so your documents and reports are protected at all times.
Access Controls
We implement strict role-based access controls (RBAC) ensuring that only authorised personnel can access your data. Multi-factor authentication (MFA) is enforced for all administrative access, and we maintain comprehensive audit logs of all system access.
Infrastructure Security
Our platform is built on Microsoft Azure's enterprise-grade infrastructure and benefits from its physical security, network protection, and continuous monitoring. Azure data centres maintain numerous compliance certifications, including ISO 27001 and SOC 2, among others.
Monitoring & Detection
We employ continuous security monitoring and threat detection across our infrastructure. Automated alerting systems notify our security team of any suspicious activity, enabling rapid response to potential security incidents.
Regular Audits
Our security practices are regularly reviewed and audited. We conduct periodic penetration testing, vulnerability assessments, and security reviews to identify and address potential vulnerabilities before they can be exploited.
Employee Security
All Revue-ai employees undergo security awareness training and background checks. Access to customer data is strictly limited on a need-to-know basis, and we enforce the principle of least privilege across our organisation.
Microsoft Azure AI Foundry
Our AI capabilities are powered by Microsoft Azure AI Foundry, Microsoft's enterprise-grade AI platform. This provides significant security advantages:
- Data Isolation: Your data is processed in isolated environments and is never mixed with other customers' data. Each request is processed independently with no data persistence beyond the immediate transaction.
- No Model Training: Your data is never used to train, improve, or fine-tune Microsoft's AI models. Your documents and information remain entirely yours and are used solely to generate your reports.
- Enterprise Compliance: Azure AI Foundry maintains compliance with major regulatory frameworks including GDPR, ISO 27001, SOC 2 Type II, and HIPAA, providing assurance that enterprise-grade controls are in place.
- Content Filtering: Built-in content safety systems help ensure appropriate use and protect against misuse of AI capabilities.
- Audit Logging: Comprehensive logging of all AI interactions enables full traceability and supports compliance requirements.
- Regional Data Processing: Data processing occurs within specified geographic regions, supporting data residency requirements and sovereignty concerns.
Data Handling Practices
- Documents are processed securely and deleted according to our retention policies
- You retain full ownership of all your data and generated reports
- Data export and deletion requests are honoured promptly
- We maintain clear data processing agreements with all sub-processors
- Regular data protection impact assessments are conducted
UK Data Protection & GDPR
As a UK-based company, we operate in full compliance with UK data protection legislation and the General Data Protection Regulation (GDPR). This includes:
- Lawful basis for all data processing activities
- Data minimisation—we only collect what we need
- Purpose limitation—data is used only for stated purposes
- Storage limitation—data is retained only as long as necessary
- Respect for data subject rights including access, rectification, and erasure
Incident Response
We maintain a comprehensive incident response plan to address any security events swiftly and effectively. In the unlikely event of a data breach affecting your information, we will notify you within 72 hours as required by GDPR, providing full details of the incident and the steps we are taking to address it.
Security Questions
If you have questions about our security practices, require additional security documentation, or need to report a security concern, please contact our security team:
