Security & Compliance

Security & Compliance

EchoDepth is built for enterprise deployment under UK GDPR, ICO and sector-specific regulatory frameworks.

UK GDPR Compliant

All EchoDepth deployments operate under UK GDPR frameworks. Data processing agreements available for all enterprise deployments.

ICO Registered

Cavefish Ltd is registered with the Information Commissioner's Office. ICO registration: ZB915623.

Consent-First Architecture

All EchoDepth deployments require explicit consent from data subjects. Consent frameworks are deployment-specific and documented.

Data Minimisation

EchoDepth processes only the data required for the specified analytical purpose. Raw biometric data is not retained beyond the processing window.

Audit Trail

All EchoDepth analysis sessions produce a full, auditable processing log for governance and compliance reporting.

Sector-Specific Governance

EchoDepth deployments in regulated sectors (defence, financial services, HR) include sector-specific governance documentation.

Compliance Documentation

Full compliance documentation, DPIAs and consent frameworks are available for all enterprise deployments. Contact us to request documentation for your specific context.

Request Compliance Documentation →