
Security at Tidy Affairs

Your privacy isn't a feature. It's a foundation.

So secure, we use it ourselves

Tidy Affairs combines technical and behavioural security. Your information is encrypted before it leaves your device and, with the two-person rule, access is controlled by agreement amongst the people you choose.

How your data stays safe

Multiple layers of protection.

Client-side encryption

Your documents are encrypted on your device before being sent to our servers — we only handle encrypted data.

Passwordless authentication

We use magic links and passkeys for a secure, phishing-resistant login process — we don't ask for passwords, so we don’t need to store passwords.

Zero-knowledge, multi-tier architecture

Encryption keys are derived from your security answers combined with cryptographic salts, which are served by a separate, secure API — your encryption keys are never held near your vault.

Encrypted data at rest

Email addresses and sensitive metadata are encrypted before being stored. Security answers are securely and irreversibly hashed — we don't take any risks with your data.

Security question

Each vault has its own security question. Make it something personal that only key holders would know — you control the complexity.

Collection alerts

An email notification is sent every time someone tries to open a vault. The time-lock feature, if enabled, can be used to delay opening and block requests if necessary.

New IP alerts

We notify you if your account logs in from a new IP address. If you don't recognise the activity you can take swift action to secure your account.

Access management

View all your active logged-in sessions. If you notice unusual activity, or if you just want to reset your security, you can sign out devices and delete passkeys.

Behavioural security

Why we recommend the two-person rule

Technical encryption protects your data from outsiders. But what about the people you’ve trusted with access? The two-person rule adds behavioural security — protection that comes from requiring two people to agree before any action is taken.

When you enable the two-person rule on a vault, no single key holder can access it alone. Both key holders must verify their identity, the requesting key holder must answer the security question and at least one other key holder must approve the collection request.

This protects against:

  • Hasty or premature access attempts
  • Misunderstandings about the right time to collect
  • Situations where one person might not be acting in your best interests
  • Accidental or unintended access

Think of it like a bank vault with two keys held by different people. The vault is already secure, but requiring two keys ensures that opening it is always a deliberate, agreed decision.

You can nominate a single key holder if you prefer, but we strongly recommend enabling the two-person rule on your vaults for the added peace of mind it provides.

How we protect the platform

UK-only infrastructure

All data is stored on independent UK infrastructure — not big-tech cloud. Your data stays safely under UK jurisdiction, supported by a dedicated, accountable UK team.

Session management

Sessions expire after 20 minutes of inactivity. We track which devices are logged in and you can revoke any session remotely from your dashboard. Unusual access patterns trigger alerts.

Brute-force protection

Login attempts, collection requests and other sensitive actions are rate-limited. Too many failed attempts and you’re temporarily locked out — slowing down anyone trying to guess their way in.

Comprehensive audit trail

Every login, vault access, key holder change, collection attempt, and settings change is logged. Business accounts get extended history with CSV export and long-term retention.

Key splitting

Decrypting your documents requires three things held in three separate places: your security answer, a cryptographic salt on a separate server, and the encrypted data itself. Breaching any single system is not enough.
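
A sketch of the three-part model described above and under "Zero-knowledge, multi-tier architecture", added here as an illustration and not Tidy Affairs' own code. The page does not name its algorithms, so scrypt, AES-256-GCM, the answer normalisation and every function and variable name are assumptions, and the sample data is constructed.

```javascript
// Added illustration, not Tidy Affairs code: algorithms and names are assumptions.
const crypto = require('node:crypto');

// Part 1 (the answer, never stored) + part 2 (salt from a separate server) -> key.
function deriveKey(answer, salt) {
  // Assumed normalisation so trivial typing differences derive the same key.
  const normalised = answer.normalize('NFKC').trim().toLowerCase();
  // scrypt is memory-hard, which raises the cost of guessing answers.
  return crypto.scryptSync(normalised, salt, 32, { N: 2 ** 14, r: 8, p: 1 });
}

// Runs on the device: only the returned blob (part 3) goes to the vault server.
function encryptDocument(plaintext, answer, salt) {
  const iv = crypto.randomBytes(12); // fresh nonce per document
  const cipher = crypto.createCipheriv('aes-256-gcm', deriveKey(answer, salt), iv);
  const body = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return { iv, body, tag: cipher.getAuthTag() };
}

// Returns the plaintext, or null when the answer or the salt is wrong.
function decryptDocument(blob, answer, salt) {
  const key = deriveKey(answer, salt);
  const decipher = crypto.createDecipheriv('aes-256-gcm', key, blob.iv);
  decipher.setAuthTag(blob.tag);
  try {
    return Buffer.concat([decipher.update(blob.body), decipher.final()]).toString('utf8');
  } catch {
    return null; // GCM tag mismatch: the derived key was not the right one
  }
}

// Constructed sample data standing in for the two server-side stores.
const saltStore = crypto.randomBytes(16);
const vaultStore = encryptDocument('Will is in the blue folder', 'Rex the spaniel', saltStore);

function demo() {
  return {
    allThree: decryptDocument(vaultStore, ' rex the Spaniel', saltStore),
    wrongAnswer: decryptDocument(vaultStore, 'Fido', saltStore),
    wrongSalt: decryptDocument(vaultStore, 'Rex the spaniel', crypto.randomBytes(16)),
  };
}
```

In this model the answer is the only part that is not stored anywhere, so its unpredictability and the cost of the key-derivation function decide how well the data would hold up if the salt and vault stores were ever breached together.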

Cyber Essentials certified

Built and hosted by Cyber Essentials certified companies. Daily offsite backups. 24/7 service monitoring. Support from real people who actually respond.

What we don't do

We believe security is stronger when we limit who we associate with

No social logins — We don't connect to Google, Facebook, or any other identity provider. Your Tidy Affairs account is completely independent.

No tracking — We don't use analytics cookies, tracking pixels, or behavioural monitoring. Your activity on Tidy Affairs is your own, private business.

No advertising — There are no ads on Tidy Affairs. We don't serve ads, we don't show sponsored content, and we don't accept advertising revenue.

No third-party integrations — No external companies have access to your data. We don't integrate with any marketing services or business intelligence systems.

No data selling — We don't sell, share, or monetise your data. Our income comes from paid accounts, not from customer information.

No data egress — All hosting and data storage is located in the United Kingdom. As a business we don't even use OneDrive, Dropbox or any other cloud storage service.

Ready to get started?

Create your account today and start organising your affairs.
