Skip to main content
PathMon

Enterprise due diligence

Request the Legal & Security Evidence Pack

If your procurement or security team needs more than what we publish here, this is the page for you. We maintain a full legal and security evidence pack for enterprise prospects. Most documents are provided under NDA.

Public (no request needed)

These are published on our website and can be read, linked, or forwarded without contacting us first.

Provided on request, pre-NDA

These are normally expected in enterprise procurement and we send them on request without requiring an NDA first.

  • Data Processing Agreement (template) with sub-processor schedule, TOMs, SCC / UK IDTA module
  • ISO/IEC 27001 and ISO 9001 certificate covering our hosting and disaster-recovery infrastructure
  • Security Questionnaire Response (vendor assessment)

Under NDA

These contain operational, procedural, and third-party (sub-processor) detail that we share only with prospects and customers under a mutual non-disclosure agreement. We can accept your NDA or provide ours; both options are routine.

  • Incident Response Plan
  • Breach Notification Procedure
  • Shared Responsibility Matrix
  • Information Security Policy
  • ISMS Scope Statement
  • Access Control Policy
  • Vulnerability Management Policy
  • Data Retention & Deletion Policy (full internal version)
  • Business Continuity Plan
  • 9 Technology Group Ltd Statement of Applicability and ISMS policy pack (sub-processor evidence)
  • Penetration test executive summary (as available)

How to request

  1. Email compliance@patchmon.net with your name, company, role, and which documents you need.
  2. Include your work email (free-mail domains are declined) and a short note on the use case (for example, which of our plans you are evaluating).
  3. If you need NDA-gated documents, say whether you will provide your NDA or would like us to send ours.
  4. We acknowledge within 2 business days and send pre-NDA documents on the same day. NDA-gated documents follow once the NDA is in place.
Email compliance@patchmon.netUse the contact form

What you receive

Documents are delivered as PDFs with a version and issue date on the cover. Each document is provided in its full form; we do not redact routine policy content. NDA-gated documents are watermarked with the requesting organisation's name and the date of issue to support traceability.

We update documents on a published review cadence and will send updates to you where a change materially affects your evaluation or an active customer relationship.