Skip to main content

Security overview

Last updated: 2026-07-16

the individual sole trader operating the myPitLab service in England and Wales operates myPitLab as a multi-tenant field survey platform. This page summarises the controls we use today — factual product behaviour, not marketing claims or certifications we have not obtained.

1. Organisation isolation

Customer records are scoped to an organisation. Database access is enforced with Row Level Security (RLS) so authenticated users only see data for organisations they belong to. Object storage paths are organised by organisation ID.

2. Where data is stored

3. Access & encryption

4. Privacy & rights

Users can export or request deletion of personal data from the Privacy Dashboard. Our full Privacy Policy lists subprocessors and retention practices.

5. Vulnerability disclosure

Report security issues to security@mypitlab.com or see security.txt. Please do not publicly disclose issues before we have had a reasonable chance to respond.

6. What we do not claim

myPitLab is not presenting itself here as ISO 27001, SOC 2, or Cyber Essentials certified as a product. We operate on infrastructure from providers that publish their own compliance programmes, and we maintain internal security readiness documentation. Ask us if you need a DPA or a written security questionnaire for procurement.

Questions: support@mypitlab.com

Privacy PolicyTermsPrivacy DashboardAccount security