Certified & Irreversible Data Destruction

Secure Data Destruction You Can Prove

Certified erasure and physical destruction for HDDs, SSDs, and digital media — with full documentation to meet GDPR, ISO, NHS, and MOD requirements.

Schedule Certified Destruction Download Sample Report
Secure data destruction: shredded hard drives and digital media
Why It Matters

The Risk of Retired Hardware

Residual Data Remains

Deleting or formatting isn’t enough—data can often be recovered using simple tools.

Costly Data Breaches

UK businesses lose on average £3M+ per breach from compromised end-of-life devices.

Compliance Obligations

GDPR and sector-specific regulations demand verifiable, certified data destruction.

Our Data Destruction Methods

We use multiple secure methods to ensure that all data is permanently destroyed, tailored to the media type and your compliance requirements. Full reports and certificates are issued with every job.

  • 1

    In-House Erasure

    We use an in-house developed software protocol that performs multiple overwrites followed by verification checks. Each device is securely erased and accompanied by a verifiable erasure report.

  • 2

    ATA Secure Erase

    Modern HDDs and SSDs have built-in secure erase commands defined by the ATA standard, sometimes called “Sanitise” or “Enhanced Secure Erase.” Where supported, we trigger these on-board commands to scramble all stored data at the firmware level, making recovery impossible.

  • 3

    Certified Software Erasure

    For clients requiring formal certification, we provide erasure using audited tools such as Blancco, WhiteCanyon, or KillDisk. These solutions generate tamper-proof reports accepted under ISO, GDPR, NHS, MOD and other regulatory frameworks.

  • 4

    Physical Destruction

    For drives beyond erasure, we provide shredding or crushing services to physically destroy the media. This guarantees permanent data elimination and is always accompanied by a Certificate of Destruction.

Sample Certificate of Erasure Sample Certificate of Destruction
Coverage

Media We Handle

We securely erase or physically destroy all common forms of digital media, ensuring nothing leaves your organisation recoverable.

HDDs & SSDs

Complete erasure or shredding of all spinning and solid-state drives.

Backup Tapes

Secure destruction of legacy LTO and DAT backup media.

Optical Media

Shredding and disposal of CDs, DVDs, and Blu-ray discs.

Mobile Devices

Certified erasure or destruction of smartphones and tablets.

Compliance & Certification

Our data destruction services are designed to meet the strictest international and sector-specific standards. Every erasure or destruction process is fully documented and accompanied by a tamper-proof certificate.

  • Compliant with GDPR data protection requirements
  • Processes aligned with ISO 27001 information security standards
  • Reports accepted by NHS, MOD, and financial regulators
  • Certificates of Destruction provided for every asset
  • Our SSD erasure process follows the same scientific principles documented by UCSD's Wei et al. ("Reliably Erasing Data From Flash-Based SSDs") , using multi-stage random overwrites plus firmware sanitisation to ensure compliance.
Certificates of compliance for secure data destruction

SSD Sanitisation Technical Explanation (For Auditors & IT Professionals)

Flash-based solid-state drives cannot be reliably sanitised using simple overwriting. Peer-reviewed research (Wei et al., UCSD, 2011) confirms that SSDs retain digital remnants even after many overwrite passes due to controller behaviour and the internal architecture of flash memory.

Key Facts

  • The Flash Translation Layer (FTL) remaps writes, leaving stale physical pages untouched. (See digital remnant examples and test results on pages 3–4 of Wei et al.)
  • Standard overwrite techniques leave 4–75% of file data intact. (See single-file overwrite results on page 7 of Wei et al.)
  • Some SSDs retained data even after 20 overwrite passes. (See Table 2 on page 5 of Wei et al.)
  • ATA Secure Erase may be incorrectly implemented on certain drives. Some reported a “successful” erase while all data remained intact. (See command failures on pages 4–5, Drive B, in Wei et al.)
  • SSDs using compression may ignore zero/one patterns, causing overwrites to have no effect on underlying flash cells.

Required Workflow for Verifiable SSD Sanitisation

To achieve a verifiable and auditor-acceptable sanitisation outcome, the workflow must include:

  • 1–3 rounds of PRNG-generated random overwriting to force writes into compressed and over-provisioned blocks
  • Full verification of all written random data
  • ATA Secure Erase or NVMe Sanitise as the final firmware-level purge
  • Physical destruction when sanitisation cannot be verified or when the device is non-responsive

This multi-stage process is the foundation of TFix's SSD sanitisation workflow, ensuring GDPR-compliant, NIST 800-88r2 and NCSC Secure Sanitisation Guidance aligned, audit-ready data sanitisation for all flash-based media.

Our Data Destruction Policy Our Information Security Policy

Frequently Asked Questions

Key details about our certified data erasure and destruction services.

What Types of Media Can You Erase?

We securely erase or destroy HDDs, SSDs, backup tapes, optical discs, servers, and mobile devices. Each method is matched to the media type to ensure data is permanently unrecoverable.

Do You Provide Certificates of Destruction?

Yes. Every erasure or destruction job is documented and supplied with a tamper-proof Certificate of Destruction or Erasure Report, accepted under GDPR, ISO 27001, NHS, and MOD compliance frameworks.

What Erasure Methods Do You Use?

We use in-house multi-pass overwrite routines, ATA Secure Erase, NVMe Sanitise, PRNG-based random overwriting, and physical destruction when required. The method chosen depends on the device type and compliance needs.

What Happens if a Drive Fails Erasure?

If a device cannot be sanitised or verified, it is diverted immediately to physical destruction. This guarantees data elimination and ensures full compliance with GDPR and NIST 800-88r1 expectations.

Why Does SSD Sanitisation Require a Different Process?

SSD sanitisation requires multiple stages: PRNG random overwriting, full-data verification, and finally ATA Secure Erase or NVMe Sanitise. SSD controllers remap and compress data, meaning simple overwriting is insufficient. This extended workflow increases processing time and therefore incurs a higher cost.

How Do You Guarantee Data from SSDs Cannot Be Recovered?

Our SSD workflow follows research-based standards: random overwriting to fill over-provisioned areas, verification of written data, and a final firmware-level secure erase. If verification fails, the device is physically destroyed. This ensures data is permanently unrecoverable, even from stale flash blocks.

Secure Data Destruction Pricing

Certified GDPR/ISO-compliant erasure or destruction with tamper-proof certificates

Certified (Per-Device Erasure)

£15 / device

  • Multi-pass in-house or ATA Secure Erase
  • HDD, SSD, tapes, optical, mobiles supported
  • Tamper-proof Certificate of Erasure
  • If erasure fails, device is physically destroyed
  • SSD erasure + £10 due to extended sanitisation (see note)
Book Now

Batch (100 Devices)

£495 / batch

  • Any media mix in one batch
  • Blancco / WhiteCanyon / KillDisk reports
  • Consolidated compliance pack (GDPR/ISO 27001)
  • Full chain-of-custody audit trail
  • SSDs + £100 per batch due to extended sanitisation (see note)
Book Now

Enterprise Compliance

Custom

  • Policy-aligned erasure profiles (NHS/MOD/Finance)
  • Asset serial capture & advanced reporting
  • Physical destruction for exceptions included
  • SSD sanitisation surcharges apply (NIST 800-88r1 workflow)
Request Quote

Prices exclude VAT. Pricing applies per data-bearing device (HDD, SSD, tape, mobile). SSDs incur a surcharge due to mandatory multi-stage sanitisation (firmware secure erase + random overwrite) required to meet GDPR/NIST 800-88r2 and NCSC Secure Sanitisation Guidance standards. Complex systems requiring extended disassembly may incur an additional extraction fee, confirmed at survey.

Request Certified Data Destruction

We’ll confirm media type, compliance requirements, and processing method before scheduling.

✅ Certificates of Destruction or Erasure Reports provided with every job.

You May Also Need

IT Decommissioning

IT Decommissioning

Full-service removal, disconnection, and packing of IT assets, ensuring readiness for secure erasure or disposal.

Secure WEEE Collection

Secure WEEE Collection

Fully licensed pickup of IT equipment with chain-of-custody documentation and secure transport.

Asset Recovery

Asset Recovery

Maximise financial return from retired hardware through secure refurbishment, resale, or profit-sharing schemes.