Provenly's whole job is to hold the evidence that your H&S documents were read and acknowledged — and to make sure that evidence still stands up months or years later, when someone asks you to prove it.
So it's fair to ask how it's built, where your data lives, and what happens if you ever need to lean on it. Here are the specifics, in plain terms.
Each record carries a fingerprint of the one before it.
Change any entry after the fact and the chain breaks — visibly.
The short version, before the detail
Every time someone acknowledges a document, Provenly writes a single record and locks it. It's immutable — written once, never edited or overwritten — and it captures the moment, who confirmed it, the device and network, and the exact version they saw.
Each record is linked to the one before it in a cryptographic chain. Change a single record after the fact and the chain breaks, visibly. That's what tamper-evident means: not that tampering is impossible, but that it can't be hidden.
Most people picture the risk as a visit from the HSE. The real shape of it is different — and it's worth seeing plainly.
A civil claim, brought by an employee months or years after an incident, turns on a simple question: can you show what this person was told, what they acknowledged, and when? "We're sure we sent it round" rarely answers it. A locked, dated, version-specific record does.
Sources — HSE Annual Report & Accounts 2023/24 (248 prosecutions); DWP Compensation Recovery Unit 2023/24 (44,547 employers'-liability claims registered). The point isn't fear — it's where proof gets used.
"Having the right document is the easy part. Managing it — and proving who read and signed which version — is where it falls apart. When a claim lands, the only thing that helps is the evidence trail. I built Provenly to be exactly that."
— Matt McAllen, founder of Provenly
Two things matter for evidence you may need to rely on under UK law: where it lives, and how the people in it are looked after.
Your documents and acknowledgement records are stored in the UK and EU. They aren't quietly transferred overseas, or handed to a provider whose home jurisdiction could reach into them. For evidence you may rely on in a UK court or tribunal, that's a deliberate choice.
Trust isn't only about the business. Your team install no app and sign in in seconds, and they see exactly which document and version they're confirming. What's recorded is only what's needed to make that sign-off stand up later — the moment, the version, and that it was really them — and it's explained plainly, not buried.
The acknowledgement log is chained using SHA-256 — the same family of cryptographic hash used across banking and government systems. In place now, not pending.
Anyone who can change documents or see the records — owners, managers and the consultants they invite — signs in with a second step, not a password alone.
We're working towards Cyber Essentials Plus, the UK government-backed certification, targeting October 2026. We'll call it certified when it is — not before.
A fair question for any tool you'd come to depend on: what if Provenly goes away? So here's the principle we're building to. You should be able to take your records out in a usable form and rely on them whether or not Provenly is still around. Your proof shouldn't live or die with your supplier.
The record is captured from day one. A polished, one-click audit-pack export is on the way — we'll firm this up as it ships.
We're not trying to do everything at once. Provenly does one job first — getting your documents read, signed and proven — and we're building it with a small group of real UK SMEs, across different industries and sizes, to get that one thing genuinely right before we widen it.
It's built in the open. When something's live, we say so; when it's still coming, we say that too. Follow the build →
No. Once someone acknowledges a document, that record is written once and locked — it can't be edited or deleted, by you or by us. If a document changes, you upload a new version; the original record stays exactly as it was, tied to the version that person actually saw.
It means any change to the record would show — not that change is impossible. Each acknowledgement is cryptographically linked to the one before it, so altering an entry after the fact breaks the chain visibly. Anyone reviewing it can tell the log hasn't been quietly rewritten.
In the UK and EU. Your documents and acknowledgement records aren't transferred to providers outside that region. For evidence you may need to rely on under UK law, keeping it within UK and EU jurisdiction is a deliberate choice.
Not yet — we're working towards Cyber Essentials Plus, with a target of October 2026. We'll only describe it as certified once it is. The cryptographic hash-chaining that protects the log is in place now, not pending.
The best way to judge an evidence tool is to look at the evidence it produces. Join the early-access list and we'll show you the real thing when we open access — no card, no sales call, no obligation.
Get early accessNo card, no sales call, no obligation.
Read how it works →