Aerom maintains the highest standards of data protection, regulatory compliance, and forensic integrity across all our operations and client engagements.
Data Protection
As an EU-based company (Estonia), Aerom OÜ is fully subject to and compliant with the General Data Protection Regulation (GDPR) — Regulation (EU) 2016/679.
All personal data processed during forensic investigations, client engagements, and software operations is handled in strict accordance with GDPR principles including lawfulness, purpose limitation, data minimisation, accuracy, storage limitation, and integrity and confidentiality.
Our data protection measures are designed to meet the stringent requirements of the financial services sector, including banking-grade encryption, access controls, and audit trails.
Our Standards
Full compliance with EU data protection law. Lawful processing, data minimisation, purpose limitation, and data subject rights are embedded in every process.
Our information security management practices are aligned with ISO 27001 standards, covering risk assessment, access control, incident management, and business continuity.
Evidence Standards
Aerom OÜ — Registry Code: 16012345 — Tallinn, Estonia
All forensic operations conducted by Aerom OÜ maintain a complete chain of custody with cryptographic verification at every stage.
Evidence is acquired using write-blocked extraction methods with SHA-256 hashing to ensure data integrity. Every action is logged with timestamps, operator identification, and tool versioning to produce court-admissible evidence.
Our forensic processes are designed to meet the evidentiary standards required by banking fraud investigations, financial regulatory inquiries, and law enforcement proceedings.
Data Encryption: AES-256 at rest, TLS 1.3 in transit
Hash Verification: SHA-256 at acquisition and every transfer point
Access Control: Role-based access with multi-factor authentication
Audit Trail: Immutable logging of all forensic operations
Data Retention: Configurable retention policies compliant with client requirements
Entity: Aerom OÜ, Tallinn, Estonia (Registry: 16012345)
FAQ
All personal data encountered during forensic investigations is processed in strict accordance with GDPR. Data is minimised to what is relevant to the investigation, encrypted at all times, and subject to agreed retention and deletion policies.
Yes. Our evidence acquisition, processing, and reporting procedures are designed to produce court-admissible evidence with complete chain of custody documentation, cryptographic verification, and detailed audit trails.
Absolutely. Our forensic tools and custom software are specifically designed to support financial investigations including fraud detection, transaction analysis, and regulatory compliance inquiries. We work closely with banking compliance and internal audit teams.
Our information security practices are aligned with ISO 27001 standards. We maintain comprehensive data protection policies, regular security audits, and a dedicated compliance programme. Specific certification details are available upon request.
Aerom OÜ is based in Tallinn, Estonia (EU Member State). All data processing occurs within the European Union in compliance with GDPR data residency requirements. On-premises deployment options are available for clients with specific data sovereignty requirements.
Download our full compliance statement for your procurement records.
Download COMPLIANCE.md