Security Statement

CENTREL Solutions is committed to the security and privacy of our partners and customers. We strive to implement and maintain secure processes, procedures, standards, and take all reasonable care to prevent unauthorized access to customer data.

We apply appropriate administrative, operational, and technical security controls to help ensure that our customer data is handled and processed in a responsible and secure manner.

This Security Statement aims to provide our partners and customers with more information about our security infrastructure and procedures.

Reporting a Security Vulnerability

CENTREL Solutions reviews all reports of security vulnerabilities submitted to it affecting our products and solutions.

To report a vulnerability in one of our products or solutions please log a support call or email support@centrel-solutions.com.

Physical and Environmental Security

CENTREL Solutions has policies, procedures, and infrastructure to handle the physical security of our offices and buildings. Key fob access is required for external doors, intruder alarms with all external doors being alarmed, and 24/7 CCTV coverage with out of hours monitoring.

Information Security Policy

CENTREL Solutions' security policies and procedures define how the different areas of information security are managed within the company.

The security policy is periodically reviewed, and updated where necessary. The policies and procedures cover a wide array of security topics, ranging from general standards — which all employees must read, understand and comply with, such as account, equipment, data and physical security, to more specialized security covering the internal systems and applications.

Network and Device Security

To help protect our network and devices:

  • HTTPS encryption is configured and required for access to web applications and our website.
  • All workstations and laptops are configured with full drive encryption.
  • All workstations, laptops and servers are regularly patched with security patches.
  • All workstations, laptops and servers run anti-virus software.

Credit Card Information

Credit card information is handled by our payment partner Verifone. We do not store or handle credit card information directly. For more information please see the Verifone website https://www.verifone.com/.

Technical Support

Location

All CENTREL Solutions technical support staff are based in the United Kingdom. We do not outsource support services to third parties or offshore providers.

Remote Access for Support

CENTREL Solutions provides remote technical support using secure, industry-standard tools such as TeamViewer and Microsoft Teams. Remote sessions are initiated only with the customer's explicit consent and are conducted in accordance with our internal access control policies.

  • Session Security: All remote connections are encrypted and authenticated. Customers retain full visibility and control throughout the session.
  • Access Scope: Support staff access only the systems or data necessary to resolve the reported issue. No persistent access is retained after the session ends.
  • Auditability: Remote support activities are logged and reviewed to ensure compliance with our security and privacy standards.

Data Handling During Support

CENTREL Solutions support staff do not routinely access customer data. In cases where customers choose to provide diagnostic files, configuration details, or other materials to assist with a support request, the following practices apply:

  • Customer-Controlled Sharing: All data is voluntarily submitted by the customer. We encourage customers to redact or anonymize any sensitive information before transmission.
  • Secure Channels: Shared materials can be transmitted via our secure support site on the following URL: https://www.centrel-solutions.com/support/log-support-call.aspx
  • Limited Scope: Support staff access only the data necessary to diagnose and resolve the reported issue.
  • Confidentiality: All submitted information is handled in accordance with our internal confidentiality policies and applicable UK data protection laws, including the UK GDPR.

Privacy and Confidentiality

CENTREL Solutions adheres to strict confidentiality agreements and complies with applicable UK data protection laws, including the UK GDPR.

Our Privacy Policy contains more information on how we handle the data that we collect.

Application Environments and Deployment

CENTREL Solutions utilizes a structured set of environments to support the secure development, testing, and deployment of our software.

Development: Our software is developed on workstations that adhere to the "Network and Device Security" section below using the latest versions of Microsoft Visual Studio. CENTREL Solutions maintains disciplined release management and secure handling of source code.

Testing & QA: Functional and regression testing is performed on isolated virtual machines. These environments simulate customer configurations and are refreshed regularly.

Production (Cloud): For cloud-based deployments, our software is hosted in Microsoft Azure. Access to production environments is tightly controlled and monitored.

Production (On-Premises): For on-premises deployments, the software is packaged as an installer and delivered to customers. The installer is hosted on a secure web server hosted in Microsoft Azure and digitally signed to ensure integrity.

Patch Release Testing

Patches are provided directly to customers when urgent fixes are required between formal releases. These are typically delivered as updated DLL files with instructions for manual replacement.

All patches are tested prior to distribution. Testing is performed in isolated virtual environments that simulate customer configurations and usage scenarios. This process includes:

  • Functional Validation: Ensuring that bug fixes and enhancements behave as expected.
  • Regression Testing: Verifying that existing features remain stable and unaffected.
  • Environment Simulation: Patches are tested on virtual machines configured to mirror supported operating systems and deployment models.

All fixes provided through patches are incorporated into the next scheduled software release. These releases undergo full regression testing, are digitally signed to ensure integrity, and are published on the CENTREL Solutions website.

Software Development Methodology

CENTREL Solutions employs a bespoke agile-inspired approach to software development. Our process emphasizes flexibility, responsiveness, and secure release management.

Key characteristics include:

Incremental Development: Features and fixes are developed in manageable units, allowing for rapid iteration and customer-driven prioritization.

Secure Archival: Each release is versioned and archived to encrypted storage, ensuring traceability and integrity.

Continuous Testing: Functional and regression testing are performed throughout the development cycle using isolated virtual environments that mirror supported operating systems and deployment models.

Customer-Centric Planning: Development priorities are shaped by real-world usage, support feedback, and product roadmap goals. This tailored approach enables CENTREL Solutions to deliver reliable, secure software while adapting quickly to evolving customer needs.

Contact

If you need more information on how CENTREL Solutions manages cyber security, please contact our Cyber Security team using the following address: cybersecurity@centrel-solutions.com.

Last updated: 24th September 2025