TRUSTED MARKETING
Last updated: April 2026

Security

How TRUSTED MARKETING approaches the security of this website and client data.

Security is built into how we build and run our own site - and it informs how we approach every client project. Here is a straightforward overview of how this site is secured and how we handle client data.

How this site is hosted

This site is a static Astro build deployed to global edge infrastructure. There is no server-side application layer, no database, and no dynamic code running on a web server. This architecture eliminates entire categories of common vulnerabilities - including SQL injection, server-side request forgery, and remote code execution attacks - because there is simply no server to attack.

Pages are served directly from a global CDN, which also provides DDoS mitigation and high availability as standard.

Encryption

All pages on this site are served over HTTPS with TLS encryption. Connections over HTTP are automatically redirected to HTTPS. This ensures that any data transmitted between your browser and our site - including form submissions - is encrypted in transit.

No payment data

This website does not process or store any payment card data. We do not have a checkout or payment facility on this site. If you engage our services, invoicing and payment are handled separately through secure, dedicated platforms.

Client credentials and CRM access

When we work with clients on CRM integration and marketing infrastructure, we apply strict least-privilege principles. This means we only request the minimum access permissions needed to do the work - and we document and review access levels at the start and end of each engagement. Client credentials are never stored in plain text, shared over insecure channels, or retained beyond the period of the engagement.

Responsible disclosure

If you believe you have found a security vulnerability on this site or in our systems, we would like to know. Please email us at security@trustedmarketing.co.uk with a description of the issue. We will respond promptly and work to address any confirmed vulnerabilities quickly.

We ask that you do not publicly disclose the issue until we have had a reasonable opportunity to investigate and respond.

Want to find out if we're a good fit?

Just a conversation about your firm — no pitch, no pressure.

Book a discovery call

30 minutes. No preparation needed.