Security and compliance
Built to be trusted.
Security is not something we bolt on at the end. We are building Zarco to recognised standards from the start, and we are actively working towards the certifications below. To be clear: we are not yet certified. We will mark each one as earned the moment it is.
Cyber Essentials
The UK government-backed baseline for everyday cyber hygiene.
Working towardsCyber Essentials Plus
The hands-on, independently tested tier of Cyber Essentials.
Working towardsISO/IEC 27001
The international standard for managing information security.
Working towardsSOC 2
Independent attestation of our security controls over time.
Working towardsHow we work in the meantime
Least privilege by default
People and agents get the minimum access they need, and every integration is scoped to the job.
A human on what matters
Agents draft and prepare; a person approves anything that leaves the building, and every run is logged.
Data minimisation
We collect only what a task needs, keep it only as long as it is useful, and never sell it.
UK-first data handling
Built and run for UK businesses, with providers chosen for appropriate data safeguards.
Want our current security posture in writing? Email luke@zarco.uk.