Free Website Audit: Discover what's holding your digital presence back

Get your audit

Free Campaign Audit: Find the wasted spend draining your ad budget

Get your audit

Free Performance Audit: See what's slowing your site down, and fix it

Get your audit

Last Updated: 19th June 2026

Security Statement

At Konzept, we treat the security of our clients' websites and data as part of the craft, not an afterthought. Much of what we build sits at the front door of a client's business, so we hold ourselves to practical, no-nonsense standards on every project we take on. This statement explains, in plain terms, how we work to keep your information and digital assets safe.

1. How we keep client data safe

  • We collect and keep only the data a project genuinely needs, and we remove what we no longer use.
  • Access to client systems and credentials is limited to the people actively working on a project, and revoked once their involvement ends.
  • Sensitive credentials are kept in encrypted password managers, never in plain text, shared documents, or chat messages.

2. How we build secure platforms

  • The sites we build are served over HTTPS with modern TLS encryption by default.
  • Wherever possible we separate public-facing front ends from the content and admin systems behind them, shrinking the surface an attacker can reach.
  • We keep the platforms, plugins, and dependencies we rely on up to date and apply security patches promptly.
  • We harden the content management systems we deploy, locking down login endpoints, disabling unused features, and removing default weak points.

3. Hosting and continuity

  • We host with established providers that offer strong physical and network security and regular automated backups.
  • Backups and version control let us recover quickly and with minimal disruption if something goes wrong.

4. Working with third parties

When a project depends on outside tools or services, we choose partners with a credible track record on security and data protection. Where we handle personal data on a client's behalf, we work in line with their agreements and applicable data-protection law, including GDPR.

5. Reporting a concern

If you think you've found a vulnerability in a site we've built or in our own systems, email us at [email protected]. We read every report, take it seriously, and will respond.

6. An ongoing commitment

No statement makes a system permanently secure. We review our practices regularly and improve them as threats, tools, and our own projects evolve.