All Collections
Privacy & Security
Security and Compliance
Security and Compliance
Nick Bishop avatar
Written by Nick Bishop
Updated over a week ago

Data security and compliance is important to MyMynd. We are 100% committed to securing our platform and our data.

MyMynd employs industry-standard technologies and services to ensure data is secured against unauthorized access, disclosure, use and loss.

Hosting & Physical Access Control

The MyMynd platform is hosted using Amazon Web Services (AWS), primarily in the Europe (London) region.

Under the AWS Shared Responsibility model, AWS is 'responsible for protecting the infrastructure that runs all of the services offered in the AWS Cloud'. This includes:

  • Hardware

  • Software

  • Networking

  • Other facilities that run AWS Cloud services

AWS implements a number of extensive controls to ensure their data centres are secure and resilient by design.

MyMynd is responsible for the security of our platform & applications that run 'in' AWS. We do this through a number of security layers:

Data Security

Data Encryption

All sensitive data stored by MyMynd in AWS is encrypted at rest, this applies to databases, caches and other persistent storage mechanisms e.g. S3.

Data in transit is also encrypted, using HTTPS transport layer security (TLS) encrypted connections.

Application Security


As well as implementing recommended password complexity requirements for users of the MyMynd platform, we also encourage the use of multi-factor authentication (MFA) where possible.

Secure Application Development (Application Development Lifecycle)

At MyMynd, we use a number of automated tools and systems to help support our code and development practices to promote secure application development. This includes but is not limited to version control, dependency management, testing & deployment.

Corporate Security

Cyber Essentials

As part of our commitment to security, MyMynd has completed the government-backed Cyber Essentials certification. This helps us to ensure we have the necessary technical controls in place to protect our systems and processes against common online security threats.

Did this answer your question?