How we protect your data

As a financial technology platform handling sensitive corporate and tax data, security is our foundational priority. We employ defense-in-depth strategies to ensure your information remains strictly confidential and protected against unauthorized access.

Encryption

All data transmitted between your browser and our servers is secured using modern TLS 1.3 encryption. Sensitive data stored in our databases, including your government gateway credentials and granular financial figures, is encrypted at rest using industry-standard AES-256 encryption.

Infrastructure Security

Our application is hosted on enterprise-grade cloud infrastructure (AWS/GCP), utilizing strict firewalls, virtual private clouds (VPCs), and continuous security monitoring to detect and block malicious activity. We regularly perform vulnerability scanning and apply security patches immediately.

Gateway Security

When transmitting your filings to the government, we communicate exclusively over official, secure APIs provided by HM Revenue & Customs and Companies House. We do not expose your raw credentials in logs or non-secure environments during this process.

Access Controls

Internally, we practice the principle of least privilege. WeFile staff do not have default access to your financial data or gateway credentials. Access to production systems is strictly limited, audited, and requires multi-factor authentication.

Data Privacy & GDPR

WeFile is fully compliant with UK GDPR. We only collect the data strictly necessary to facilitate your filings and provide the service. We never sell your data to third parties, and you can request the deletion of your account and personal data at any time.