Last Updated June 13, 2025

Last Updated June 13, 2025

Last Updated June 13, 2025

Trust & Privacy

Trust & Privacy

Trust & Privacy

At Cophi, we understand that data privacy and security are critical—especially when handling feedback from your employees. That’s why we’re committed to maintaining high standards in safeguarding your data. We are fully GDPR compliant and adhere to industry best-practice security standards to protect your data at every step.

At Cophi, we understand that data privacy and security are critical—especially when handling feedback from your employees. That’s why we’re committed to maintaining high standards in safeguarding your data. We are fully GDPR compliant and adhere to industry best-practice security standards to protect your data at every step.

At Cophi, we understand that data privacy and security are critical—especially when handling feedback from your employees. That’s why we’re committed to maintaining high standards in safeguarding your data. We are fully GDPR compliant and adhere to industry best-practice security standards to protect your data at every step.

Cophi protects your data with industry-leading standards.

We’re committed to transparency and continuous improvement when it comes to information security.

Your insights are safe with us.

Cophi is designed with data privacy and organisational trust at its core — from encryption to responsible data access.

Fully GDPR Compliant

All data is securely stored and processed within the EEA, with encryption both in transit and at rest.

Access Control & SSO

Enterprise-level access via Single Sign-On and user-level control ensures your teams stay secure.

Ongoing Monitoring

We continuously test, assess, and evolve our platform’s security posture through audits and external penetration testing.

Our Commitment to Data Protection

GDPR Compliance

We comply with the General Data Protection Regulation (GDPR), ensuring transparency, accountability, and control for all users regarding their personal data.

Key aspects of our compliance include:


Lawful Basis for Data Processing: We collect and process personal data only when necessary and under a lawful basis, such as contract fulfillment or user consent.




User Rights: We support data subjects in exercising their rights, including access, rectification, erasure, portability, and objection to data processing.


Data Minimization: We collect only the data necessary for the purposes outlined, avoiding unnecessary or excessive information gathering.

Retention and Deletion Policies: Personal data is retained only as long as necessary, and deletion requests are honored in accordance with GDPR guidelines.



Security Best Practices

We follow a robust set of controls aligned with industry best practices, including:


Data Encryption: We use encryption in transit (TLS) and at rest to protect sensitive data.




Access Control: Role-based access ensures that only authorized personnel can view or manage customer data.


Regular Security Assessments: Our systems undergo routine vulnerability scanning and internal audits.

Secure Development: We integrate secure coding practices throughout our software development lifecycle.


Incident Response Plan: We maintain a clear and tested protocol for identifying, responding to, and notifying customers in the event of a data incident.

Your Data, Your Control

We believe in empowering our customers with visibility and control over their data. You can trust that your information is handled with care and integrity and if you need further information about any of your data or for data access, requests or privacy-related inquiries, please contact our Data Protection Officer (DPO) at info@cophi.io

Our Data Processing Agreement is available at
https://cophi.io/dpa-may25

Smooth Scroll
This will hide itself!