Legal & Trust Centre

Security

An overview of how SiteDay approaches platform security, tenant separation, access control, encryption and resilience.

Last updated: 10 April 2026

Security is an important part of how SiteDay is designed, operated, and improved. This page provides a high-level overview of the measures we use to help protect customer data and maintain platform reliability.

This page is intentionally written at a practical, sales-friendly level. It should not be treated as a guarantee of any specific certification, audit standard, or contractual security commitment unless separately agreed in writing.

1. Access Control

Access to SiteDay is protected through authentication controls and role-based permissions. Organisations control which users can access their account and what actions those users can perform.

2. Encrypted Connections

SiteDay is intended to be accessed over encrypted HTTPS connections to help protect data in transit between user devices and the platform.

3. Tenant Separation

SiteDay is designed with tenant separation in mind so that each customer organisation operates within its own account boundary. This supports the separation of customer data between organisations.

4. Data Storage and Infrastructure

SiteDay uses cloud-hosted infrastructure to operate the platform and store service data. Access to infrastructure and operational systems is restricted to authorised personnel where required for support, maintenance, or security purposes.

5. Backups and Resilience

Reasonable measures may be used to support platform resilience, recovery, and continuity, including backups, monitoring, and maintenance processes appropriate to the service.

6. Application Security

We aim to reduce common security risks through measures such as authentication controls, input validation, controlled access paths, software updates, and secure deployment practices.

7. Mobile App Permissions

The SiteDay mobile applications may request access to features such as camera, media storage, and location where those permissions are necessary for field service workflows. These permissions support operational functionality such as visit logging and photo capture.

8. Support Access

Where support tooling is provided, any temporary support access should be used only for legitimate troubleshooting, maintenance, or customer assistance purposes and should be controlled appropriately.

9. Responsible Reporting

If you believe you have identified a security issue relating to SiteDay, please report it to security@siteday.pro with as much detail as possible.

10. Ongoing Improvement

Security is an ongoing process. We continue to review and improve SiteDay’s architecture, controls, and operational practices as the platform evolves.