This document provides an overview of FXscanner’s security posture, service levels, and compliance documentation. It is intended for use by procurement, legal, and compliance teams evaluating FXscanner as a vendor.
1. Company Information
Legal entity: Intent Holdings Ltd
Registered in England and Wales
Registered address: 20 Wenlock Road, London, N1 7GU
Company number: 11795088
VAT number: GB332235143
Primary contact for vendor queries: [email protected]
2. Infrastructure & Hosting
FXscanner is hosted on reputable cloud infrastructure providers. Our platform is delivered via a modern web application stack with the following security characteristics:
- All data in transit is encrypted using TLS 1.2 or higher
- Data at rest is encrypted using AES-256 or equivalent
- Access to production infrastructure is restricted to authorised personnel only
- Multi-factor authentication (MFA) is enforced for all administrative access
- Access controls follow the principle of least privilege
3. Data Handling
FXscanner processes two categories of data: market intelligence data (FX rates, fees, and related pricing metrics compiled from proprietary sources) and customer account data (personal data relating to platform users).
Customer data is not sold or shared with third parties except as required to operate the service. A full list of subprocessors is provided in Section 7 below.
Data retention and deletion practices are described in our Privacy Policy at fxscanner.io/privacy.
4. GDPR Compliance
Intent Holdings Ltd is committed to compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
- We maintain a Privacy Policy describing our data processing practices (fxscanner.io/privacy)
- We have a Data Processing Agreement (DPA) available for enterprise customers on request
- We maintain a subprocessor list (see Section 7)
- We have documented processes for handling data subject rights requests
- In the event of a personal data breach, we follow our documented incident response process including ICO notification within 72 hours where required
To request our DPA or for GDPR-related queries, contact: [email protected]
5. Service Level
5.1 Uptime
FXscanner targets 99.5% platform availability measured on a monthly basis, excluding scheduled maintenance windows.
5.2 Scheduled maintenance
Planned maintenance that may affect platform availability will be communicated to users at least 48 hours in advance by email or in-platform notification.
5.3 Incident response
For service-affecting incidents, we target acknowledgement within 4 business hours and resolution or substantive update within 24 hours for critical issues.
5.4 Data freshness
Market intelligence data is updated daily. Our target is for each daily update to be available by 09:00 UTC. Data freshness status is displayed within the platform.
5.5 Support
Support is available via [email protected] during UK business hours (Monday to Friday, 09:00–17:30 GMT/BST).
6. Security Certifications & Assessments
FXscanner is an early-stage platform. We do not currently hold ISO 27001 or SOC 2 certification. Our current security posture is documented in this document and we are committed to continuous improvement.
Cyber Essentials certification is on our roadmap for 2026. We are happy to complete vendor security questionnaires on request.
We maintain professional indemnity insurance appropriate to the nature of our services. Confirmation and details are available on request.
7. Subprocessors
The following third-party subprocessors are used in the delivery of FXscanner. We require all subprocessors to maintain appropriate data protection and security standards.
- Stripe - Payment processing - United States / Ireland
- Vercel - Application hosting and delivery — United States / EU regions
- Neon - Database hosting - United States / EU regions
- Google Cloud - Infrastructure services - United States / EU regions
We will notify customers of material changes to our subprocessor list with reasonable advance notice. The current list is maintained at this URL.
8. Business Continuity
FXscanner operates on resilient cloud infrastructure with automated backups and redundancy at the infrastructure layer. In the event of a significant service disruption, we will communicate status updates via our support channel and by email to affected customers.
9. Responsible Disclosure
If you identify a security vulnerability in FXscanner, please report it responsibly to [email protected]. We will acknowledge receipt within 2 business days and work to address valid reports promptly.
10. Contact
Procurement and compliance queries: [email protected]
Privacy and GDPR queries: [email protected]
Security queries: [email protected]
General support: [email protected]