Data Residency
All production data is hosted in UK infrastructure. StrydeOS does not intentionally move patient-identifiable data outside approved UK hosting regions for routine operations.
Verified Security Baseline
StrydeOS Data Handling and Security Policy
Built for clinical precision with data protection as the baseline. This public policy summarizes our operational controls for data residency, encryption, access, incident handling, and retention.
Effective date: March 2026 · Version 1.0 · Last reviewed: March 2026
UK-hosted production infrastructureGoogle Cloud eu-west2 (London)
Encrypted transport + storageTLS in transit and AES-256 at rest
Role-based access controlsAccess limited by account permissions
Event and access loggingAccountability and incident review trails
Encryption & Access Control
Data in transit is encrypted using modern TLS standards. Data at rest is encrypted using managed cloud controls. Access follows role-based permissions with authentication and auditable events.
Audit Logging & Retention
Access and critical security events are logged for accountability. Retention and deletion are controlled through policy-based lifecycle controls and contractual obligations.
Incident Response
Security events are triaged through a documented response process. Where legally required, notifications are made to relevant supervisory authorities and affected parties within required timeframes.
Contact and Requests
For privacy or security requests, data access inquiries, or policy questions, contact hello@strydeos.com.
StrydeOS Ltd · Private practice clinical performance software