Mesmerise Security

Our Information Security teams are responsible for ensuring we have a ‘secure by design’ approach to all our platforms and products, as well as making sure our business operations are resilient to a major cyber security disruption or data breach.

The team supports this through managing a robust framework of security controls that are successfully tested and evidenced through external certifications as well as providing a Centre of Excellence to understanding and explaining security in the use of immersive technology, spatial computing, XR design, data analytics and artificial intelligence solutions.

At Mesmerise, we understand the value of information security and data privacy in our journey, bringing Spatial Computing and Artificial Intelligence solutions closer to the limits of our imagination for our clients and industry. Protecting our organisational and client data is a matter of common sense, commercial acumen and moral responsibility. Implementing security controls aren’t just a tick in the box towards compliance. They are a critical part of how we work.

Andrew Hawken | CEO and Co-Founder, Mesmerise

For more information, please contact us.

ISO27001:2013

Mesmerise operates an information security management system in relation to the development and support services for immersive technology and spatial computing, XR design, data analytics and artificial intelligence solutions which has been assessed and certified by UKAS audit company Approachable Certification as meeting the requirements of ISO 27001:2013 standard under certificate number:

12053-ISMS-001
31/10/2025

ISO27001:2022

Mesmerise operates an information security management system in relation to the development and support services for immersive technology and spatial computing, XR design, data analytics and artificial intelligence solutions which has been assessed and certified by audit company Intercert as meeting the requirements of the updated ISO 27001:2022 standard under certificate number:

ICI-IS-2308049
24/08/2026

SOC 2

Mesmerise operates as a certified third-party software/platform provider that stores and processes client data in a secure manner. This has been verified against SOC 2 (System and Organization Controls) relevant to the Security, Availability, Processing Integrity, Confidentiality, & Privacy of data (AICPA Guide) as meeting the requirements of:

Type 1
02/08/2023

GDPR

Mesmerise has been independently assessed to provide assurance that data protection accountability, responsibility, policies and procedures, performance measurement controls and reporting mechanisms are in place and operating effectively to meet our GDPR obligations. For example, Governance, Risk Management, DPO, Data subject rights, Information security and data processing activities.

ICI-GDPR-2309003
13/09/2024

HIPAA

Mesmerise has been independently assessed to provide assurance that the data protection protocols in place ensure the security and privacy of personal health information (PHI) is adequately protected and complies with HIPAA . For example, breach notification, cyber security controls and data transfer protocols and processes are operating effectively.

ICI-GDPR-2309004
13/09/2024

Cookie	Duration	Description
_wpfuuid	1 year 1 month 4 days	This cookie is used by the WPForms WordPress plugin. The cookie is used to allows the paid version of the plugin to connect entries by the same user and is used for some additional features like the Form Abandonment addon.
ARRAffinity	session	ARRAffinity cookie is set by Azure app service, and allows the service to choose the right instance established by a user to deliver subsequent requests made by that user.
ARRAffinitySameSite	session	This cookie is set by Windows Azure cloud, and is used for load balancing to make sure the visitor page requests are routed to the same server in any browsing session.
cookielawinfo-checkbox-advertisement	1 year	Set by the GDPR Cookie Consent plugin, this cookie records the user consent for the cookies in the "Advertisement" category.
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
CookieLawInfoConsent	1 year	CookieYes sets this cookie to record the default button state of the corresponding category and the status of CCPA. It works only in coordination with the primary cookie.
elementor	never	The website's WordPress theme uses this cookie. It allows the website owner to implement or change the website's content in real-time.
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
_ga	1 year 1 month 4 days	Google Analytics sets this cookie to calculate visitor, session and campaign data and track site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognise unique visitors.
_ga_*	1 year 1 month 4 days	Google Analytics sets this cookie to store and count page views.
CONSENT	2 years	YouTube sets this cookie via embedded YouTube videos and registers anonymous statistical data.