Xota is the single system of record for your operation — schedules, people, clients, finance. We take that responsibility seriously. Here’s how we keep it safe, private, and available when you need it.
Your data lives in UK data centres. Encrypted in transit over TLS 1.2+ and at rest. Always.
Every query, every record, every file is scoped to your organisation. Row-level access enforced in the database, not the app.
Built to UK GDPR standards. Clear lawful basis, data subject rights, and a privacy policy written in plain English.
Nothing exotic. The kind of setup you’d pick if you were responsible for running it at 3am.
Application servers and databases run in UK data centres. Your data does not leave the UK in the course of day-to-day operation.
Data sits in a managed Postgres instance with row-level security policies enforced at the database layer — so a bug in app code can’t leak records between organisations.
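A sketch of database-enforced tenant isolation of the kind described above, added here as an illustration and not taken from Xota's own schema or code. The table, column, role and setting names (bookings, organisation_id, app_user, app.current_org) and the UUIDs are assumptions constructed for the example.

```sql
-- Constructed example: table, column, role and setting names are assumptions.
CREATE TABLE bookings (
    id              bigint GENERATED ALWAYS AS IDENTITY PRIMARY KEY,
    organisation_id uuid        NOT NULL,
    starts_at       timestamptz NOT NULL
);

-- The app must run as an ordinary role: superusers and BYPASSRLS roles skip policies.
CREATE ROLE app_user NOSUPERUSER NOBYPASSRLS;
GRANT SELECT, INSERT, UPDATE, DELETE ON bookings TO app_user;

ALTER TABLE bookings ENABLE ROW LEVEL SECURITY;
ALTER TABLE bookings FORCE ROW LEVEL SECURITY;  -- the table owner is subject to policies too

-- USING filters rows that are read, updated or deleted.
-- WITH CHECK rejects rows written on behalf of another organisation.
-- current_setting() without missing_ok raises an error when the setting is absent,
-- so a request that never set its organisation fails closed instead of seeing all rows.
CREATE POLICY tenant_isolation ON bookings
    USING      (organisation_id = current_setting('app.current_org')::uuid)
    WITH CHECK (organisation_id = current_setting('app.current_org')::uuid);

-- Request on behalf of organisation A (constructed UUID).
BEGIN;
SET LOCAL ROLE app_user;
SET LOCAL app.current_org = '11111111-1111-1111-1111-111111111111';
INSERT INTO bookings (organisation_id, starts_at)
VALUES ('11111111-1111-1111-1111-111111111111', now());
COMMIT;

-- Request on behalf of organisation B, issuing the kind of unfiltered
-- query a buggy handler might send (no WHERE organisation_id = ...).
BEGIN;
SET LOCAL ROLE app_user;
SET LOCAL app.current_org = '22222222-2222-2222-2222-222222222222';
SELECT id, starts_at FROM bookings;  -- organisation A's row is filtered out by USING
INSERT INTO bookings (organisation_id, starts_at)
VALUES ('11111111-1111-1111-1111-111111111111', now());  -- rejected by WITH CHECK
ROLLBACK;
```

SET LOCAL scopes the organisation to the transaction, which matters with pooled connections: the value cannot carry over to the next request that reuses the same session.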
All public endpoints are served over HTTPS with modern TLS ciphers and HSTS. Certificates are auto-renewed; we track expiry and failure alerts.
Production access is limited to named engineers, over SSH key auth only. There is no shared admin login.
Role-based access controls across the app, with granular permissions for admins, schedulers, operatives and portal guests.
Assign users to roles with scoped permissions — e.g. a scheduler who can edit bookings but not payroll, or a site manager who can approve absence for their team only.
Clients sign in through a portal that only ever shows data belonging to their projects. Admin surfaces are on a different route entirely.
Passwords are hashed with bcrypt. Self-service password reset uses time-limited, single-use tokens. Sessions expire after inactivity and can be revoked from the admin console.
MFA for admin accounts is on our near-term roadmap. If you need it now for a specific reason, get in touch — we’ll talk through options.
Clear data ownership, sensible retention, and straightforward tools for the data subject rights your staff and clients are entitled to.
Data you or your team enter into Xota belongs to you. We process it on your behalf under a Data Processing Agreement — available on request.
Download your core records — clients, projects, bookings, team members, absence — as CSV. No lock-in, no awkward “export fees”.
Archived records are kept for as long as your subscription is active. On cancellation, data is retained for 30 days and then permanently removed, unless you ask us to delete sooner.
If a staff member or client asks for a copy of their data, or asks to be removed, you can action most of it directly inside Xota. For anything you can’t, email privacy@xota.co.uk.
Because schedulers can’t wait until tomorrow and a lost record can ruin a week.
The production database is backed up every day. Backups are encrypted and stored in a separate region from primary storage.
We keep continuous write-ahead logs that let us restore the database to a specific moment within the past 7 days.
We test our restore path on a regular cadence — a backup you’ve never restored is a rumour, not a backup.
Health checks, error logging and performance monitoring run 24/7. On-call engineers are paged for anything user-facing.
Xota runs on UK-based infrastructure operated by Clean Bees Cleaning Ltd, trading as Xota. Registered in England & Wales.
Yes — a short, named list for things like email delivery and error tracking. Full list available on request or in your DPA.
No. Your operational data is not used to train any AI model, ours or anyone else’s.
A small number of named engineers, only for the purpose of delivering the service (e.g. investigating a bug you’ve reported). Accesses are logged.
We have a standard DPA ready to send. We’ll also complete reasonable security questionnaires — email security@xota.co.uk.
If something’s wrong, we’ll post to the in-app status banner and email affected admins. Post-incident write-ups are published when the root cause is something customers should know about.