Security

How we keep your data and your couples' data safe.

UK-Based Infrastructure

All data stored on AWS infrastructure in the UK (eu-west-2). No data leaves the UK without your consent.

Encryption at Rest & in Transit

AES-256 encryption at rest. TLS 1.3 for all data in transit. Database backups encrypted separately.

Role-Based Access Control

Granular permissions — every user sees only what they need. Full audit log of all administrative actions.

GDPR Compliant

UK GDPR compliant by design. DPA available on request. Data Processing Agreements included on all plans.

Infrastructure

Weddinguru runs entirely on Amazon Web Services (AWS), using the eu-west-2 (London) region. All production data resides within the UK. We use:

  • AWS RDS (PostgreSQL) — primary database with Multi-AZ failover
  • AWS S3 — document and file storage with versioning enabled
  • AWS CloudFront — CDN for static assets
  • AWS WAF — web application firewall blocking common attack vectors
  • AWS VPC — all services deployed in a private Virtual Private Cloud

Our infrastructure is managed as code (Terraform) with automated deployments. All changes are peer-reviewed and logged.

Encryption

  • Data in transit: TLS 1.3 enforced on all connections. HTTPS-only with HSTS headers. TLS 1.0 and 1.1 disabled.
  • Data at rest: AES-256 encryption on all database volumes and S3 buckets using AWS KMS-managed keys.
  • Backups: All database backups encrypted with a separate KMS key before being stored in S3.
  • Passwords: User passwords hashed using bcrypt with a minimum cost factor of 12. We never store plaintext passwords.
  • API keys & secrets: All secrets stored in AWS Secrets Manager. Never in environment variables or code.

Access Controls

Access to Weddinguru is managed via role-based access control (RBAC):

  • Platform roles: Owner, Admin, Coordinator, View-Only — each with configurable permissions
  • Data isolation: Each venue's data is logically isolated. No cross-venue data access is possible.
  • Infrastructure access: Production access is restricted to a small number of senior engineers via AWS IAM with MFA required. Access is reviewed quarterly.
  • Audit logs: All administrative actions in the platform are logged with timestamp, user and IP address. Logs are retained for 12 months.

Backups & Recovery

  • Database backups: Automated daily snapshots retained for 35 days. Point-in-time recovery available for the last 35 days.
  • File backups: S3 object versioning enabled. Deleted files can be restored for up to 90 days.
  • Recovery objectives: RTO (Recovery Time Objective) <4 hours. RPO (Recovery Point Objective) <1 hour.
  • DR testing: Disaster recovery procedures are tested quarterly.

Authentication

  • Two-factor authentication (2FA): Available to all users via TOTP (authenticator app) or email OTP. Compulsory for Owner/Admin roles.
  • Session management: Sessions expire after 12 hours of inactivity. Concurrent session limits configurable per account.
  • Brute force protection: Account lockout after 5 failed login attempts. CAPTCHA on login for suspicious traffic patterns.
  • Password policy: Minimum 10 characters. Passwords checked against known breach databases (HaveIBeenPwned API) on registration and change.

Monitoring & Alerting

We operate 24/7 automated monitoring across all production systems:

  • AWS CloudWatch and Datadog for infrastructure metrics and alerting
  • Uptime monitoring with <1-minute check intervals (target 99.9% SLA)
  • Automated anomaly detection for unusual activity patterns
  • Real-time security event logging and alerting via AWS CloudTrail
  • DDoS protection via AWS Shield Standard on all endpoints

Penetration Testing

We commission independent penetration tests at least annually from a CREST-accredited security firm. Tests cover:

  • Web application (OWASP Top 10)
  • API security
  • Infrastructure and network
  • Authentication and authorisation logic

Critical and high-severity findings are remediated within 7 days. Medium findings within 30 days. Summaries are available to Enterprise customers on request under NDA.

Incident Response

We maintain a documented Incident Response Plan. In the event of a security incident:

  • We will notify affected customers within 72 hours of becoming aware of a personal data breach — in line with our UK GDPR obligations
  • We will notify the Information Commissioner's Office (ICO) where required
  • A post-incident report will be shared with affected customers

To report a security concern, contact security@weddinguru.co.uk.

Employee Security

  • All employees undergo background checks before joining
  • Security awareness training completed on joining and annually thereafter
  • All company devices are encrypted, managed via MDM, and use endpoint security software
  • Access to customer data is on a need-to-know basis, logged, and reviewed quarterly
  • All employees sign confidentiality agreements covering customer data

Responsible Disclosure

We welcome reports of security vulnerabilities from the security community. If you believe you have found a security issue in Weddinguru, please:

  1. Email security@weddinguru.co.uk with a description of the issue
  2. Include steps to reproduce and potential impact
  3. Allow us reasonable time to investigate and remediate before public disclosure

We are grateful for responsible disclosures and commit to acknowledging all reports within 2 business days. Please do not access, modify or delete any customer data during your research.

Security team: security@weddinguru.co.uk
Data Protection Officer: dpo@weddinguru.co.uk

Related policies

Privacy Policy Terms of Service Cookie Policy