Security

Security policy Transparency by choice.

GDPR compliance, encrypted backups, audit logs, EU datacenter. No external pixel tracking.

Encryption everywhere

TLS 1.3 in transit, AES-256 at rest. Keys managed in Vault, rotated quarterly.

Exportable audit log

Every user action tracked. Immutable logs, exportable in JSON/CSV for compliance.

Identity & access

OAuth, SSO/SAML, 2FA mandatory for admin roles. Multi-tenant RLS by default.

Geo-redundant backups

Hourly snapshots across 2 EU datacenters. Recovery tested monthly, RPO < 1h, RTO < 4h.

Continuous monitoring

Sentry, Prometheus, GlitchTip. Anomaly alerting, 24/7 on-call for Enterprise plans.

Annual pen-tests

External tests for Business+ plans, report available under NDA. Private bug bounty.

Compliance

Compliance you can trust.

GDPR + DPA

In-house DPO, processing register, standard EU DPA available on request.

ISO 27001

Internal processes aligned. Certification in progress.

SOC 2 Type II

Controls mapped, audit planned for Enterprise plan.

AgID and public sector

Cloud compliance for public-sector supply on request (qualified cloud).

Where your data lives

Our clients' data lives in ISO 27001-certified Hetzner datacenters in Nuremberg (DE) and Helsinki (FI). No non-EU transfer without explicit authorization and the related DPA addendum.

Primary datacenter

Nuremberg, DE

Geo replica

Helsinki, FI

US transfers

Never · opt-in

Ready to start? next project.

Book a 30-minute discovery call. Free, no commitment.

Book a call 371 678 1015

Reply within 24h

Based in Italy

One team