Certified & Irreversible Data Destruction

Secure Data Destruction You Can Prove

Controller-level secure erase (Purge), logical sanitisation (Clear), or certified physical destruction (Destroy) — aligned with NIST 800-88r2 and NCSC guidance.

Schedule Certified Destruction
Industrial HDD shredding compliant with DIN 66399 H-5 standards
Why It Matters

The Risk of Retired Hardware

Residual Data Remains

Deleting or formatting isn’t enough—data can often be recovered using simple tools.

Costly Data Breaches

UK businesses lose on average £3M+ per breach from compromised end-of-life devices.

Compliance Obligations

GDPR and sector-specific regulations demand verifiable, certified data destruction.

Our Data Destruction Methods

We apply secure, industry-recognised data sanitisation and destruction methods based on media capability, confidentiality requirements, and applicable regulatory standards. Every asset is processed under full chain-of-custody controls, with documented verification and individually serialised certification provided for audit purposes.

  • 1

    Clear (Logical Sanitisation)

    Manufacturer Factory Reset
    Controller-Level Format
    SSD Logical Overwrite (where appropriate)
    Generates: Certificate of Data Sanitisation

  • 2

    Purge (Controller-Level Secure Erasure)

    NVMe Sanitize (Crypto / Block / Overwrite)
    ATA Enhanced Secure Erase
    HDD Logical Overwrite
    Generates: Certificate of Data Destruction

  • 3

    Destroy (Physical Destruction)

    Physical destruction to particle sizes consistent with DIN 66399 H-5 (HDD) and E-3 (SSD) where applicable.
    Generates: Certificate of Physical Destruction

  • 4

    Verification & Audit Sampling

    To validate erasure effectiveness, a representative sample of sanitised drives (typically 5%) is randomly selected and subjected to forensic recovery attempts. Any failure results in immediate containment and batch-level remediation.

All methods include full chain-of-custody tracking, serial-level reporting, and Certificates of Erasure or Destruction aligned with GDPR and ISO 27001 controls.

Sample Cert. of Sanitisation Sample Cert. of Destruction
UK Environment Agency Licensed
Carrier Licence: CBDU351026 T11 Exemption: EXP/UP3043JD

Our Verifiable Destruction Workflow

A capability-led process ensuring every asset is handled with NIST 800-88r2 precision, from initial intake to final certification.

1. Intake

Assets recorded for serial-level traceability.

2. Check

Firmware & FTL analysis determines sanitisation method.

3. Action

NIST 800-88r2 compliant erasure or physical destruction.

4. Audit

Forensic recovery on a 5% audit sample to validate success.

5. Certify

Serial-linked Certificate instantly accessible via your portal.

Meets GDPR and ISO 27001 standards. Reports archived for our 18-year business history.

Coverage

Media We Handle

We securely erase or physically destroy all common forms of digital media, ensuring nothing leaves your organisation recoverable.

HDDs & SSDs

Complete erasure or shredding of all spinning and solid-state drives.

Backup Tapes

Secure destruction of legacy LTO and DAT backup media.

Optical Media

Shredding and disposal of CDs, DVDs, and Blu-ray discs.

Mobile Devices

Certified erasure or destruction of smartphones and tablets.

Compliance & Certification

Our data destruction services are designed to meet the strictest international and sector-specific standards. Every erasure or destruction process is fully documented and accompanied by a individually numbered, serial-linked certificate with secure archive retention.

  • Compliant with GDPR data protection requirements
  • Processes aligned with ISO 27001 information security standards
  • Reports suitable for submission to NHS, MOD, and financial regulatory audits
  • Certificates of Erasure or Destruction provided for every asset
  • Where supported, firmware-level sanitisation (NVMe Sanitize or ATA Secure Erase) is used as the primary method. Devices that cannot support verifiable purge-level sanitisation are physically destroyed.
Certificate of compliance for secure data destruction

SSD Sanitisation Technical Explanation (For Auditors & IT Professionals)

Flash-based solid-state drives cannot be reliably sanitised using simple overwriting. Peer-reviewed research (Wei et al., UCSD, 2011) confirms that SSDs retain digital remnants even after many overwrite passes due to controller behaviour and the internal architecture of flash memory.

Key Facts

  • The Flash Translation Layer (FTL) remaps writes, leaving stale physical pages untouched. (See digital remnant examples and test results on pages 3–4 of Wei et al.)
  • Standard overwrite techniques leave 4–75% of file data intact. (See single-file overwrite results on page 7 of Wei et al.)
  • Some SSDs retained data even after 20 overwrite passes. (See Table 2 on page 5 of Wei et al.)
  • ATA Secure Erase may be incorrectly implemented on certain drives. Some reported a “successful” erase while all data remained intact. (See command failures on pages 4–5, Drive B, in Wei et al.)
  • SSDs using compression may ignore zero/one patterns, causing overwrites to have no effect on underlying flash cells.

Required Workflow for Verifiable SSD Data Removal

To achieve a verifiable and auditor-acceptable outcome, SSD processing follows a capability-led workflow:

  • Where supported, controller-level sanitisation (NVMe Sanitize or ATA Secure Erase) is used as the primary method to perform purge-level data removal.
  • Where purge-level sanitisation is unavailable and policy permits logical sanitisation, controller-level format or controlled logical overwrite may be applied to user-addressable storage, with verification checks performed at time of processing.
  • NVMe devices that do not support NVMe Sanitize, or any device that cannot be reliably sanitised and verified, are diverted to certified physical destruction.

This multi-stage process is the foundation of TFix's SSD sanitisation workflow, ensuring GDPR-compliant, NIST 800-88r2 and NCSC Secure Sanitisation Guidance aligned, audit-ready data sanitisation for all flash-based media.

Our Data Destruction Policy Our Information Security Policy

Frequently Asked Questions

Key details about our secure data erasure and destruction services.

What Types of Media Can You Process?

We securely erase or destroy HDDs, SSDs, backup tapes, optical media, servers, and mobile devices. Each method is selected based on the media type and compliance requirements.

Do You Provide Certificates?

Yes. Every erasure or destruction job is fully documented and supported by a individually numbered, serial-linked Certificate of Sanitisation or Certificate of Destruction, suitable for GDPR and ISO 27001 audit requirements.

What Erasure Methods Do You Use?

Depending on the device type and compliance requirements, we apply firmware-level sanitisation, controlled and verified software overwrite where appropriate, or physical destruction. All outcomes are fully documented and verifiable.

What Happens if a Drive Cannot Be Erased?

If a device cannot be successfully sanitised or verified, it is diverted to controlled physical destruction. This guarantees permanent data elimination and full compliance with GDPR and NIST 800-88r2.

What is the difference between Sanitisation and Destruction?

Sanitisation (Clear) removes data for commercial reuse. Purge or Physical Destruction is recommended for regulated environments and generates a Certificate of Destruction.

How Do You Ensure SSD Data Cannot Be Recovered?

SSDs are processed using a capability-led workflow. Where supported, controller-level purge (NVMe Sanitize or ATA Secure Erase) is used. Where purge is unavailable and permitted by policy, controlled logical sanitisation may be applied with verification checks. Devices that cannot be reliably sanitised are physically destroyed.

Pro Tip

Did you know?
The resale value of your decommissioned IT
could offset your data destruction costs.

Our Asset Recovery Service
New: Automated High-Speed SSD Erasure

Secure Data Destruction Pricing

Thanks to our proprietary in-house automation, we no longer charge a premium for SSDs.
One low rate for all loose drive types.

Standard

£10 / loose drive

No Minimum Quantity

For loose HDDs, SSDs, and Tapes.

  • HDD & SSD Included (No premium)
  • NIST 800-88r2 Purge/Clear
  • Individual PDF Certificate
  • Serial-level traceability
Book Standard
Best Value

Batch (100+)

£495 / 100 loose drives

Equivalent to £4.95 / unit

Volume discount for loose media.

  • Flat Rate for mixed media lots
  • Consolidated Compliance Pack
  • Ideal for Data Centre / Office Clearouts
  • Fast-track processing
Book Batch

Request Certified Data Destruction

We’ll confirm media type, compliance requirements, and processing method before scheduling.

✅ Certificates of Destruction or Erasure Reports provided with every job.

You May Also Need

IT Decommissioning

IT Decommissioning

Full-service removal, disconnection, and packing of IT assets, ensuring readiness for secure erasure or disposal.

Secure WEEE Collection

Secure WEEE Collection

Fully licensed pickup of IT equipment with chain-of-custody documentation and secure transport.

Asset Recovery

Asset Recovery

Maximise financial return from retired hardware through secure refurbishment, resale, or profit-sharing schemes.