We take security compliance seriously
Keeping our customers' data protected at all times is our highest priority.
.webp)
Thomas Ravenel
Head of Engineering @ Ondorse
Company security
We are compliant with GDPR
We are compliant with ISO 27001
SOC 2 Type II report (contact us)
All employees follow recurring security training; enforced and monitored by Vanta
Annual SOC 2 audit
Annual independent penetration testing of our services






System security
All data encrypted in transit (TLS 1.2) and at rest (AES-256)
Infrastructure hosted on AWS in Europe (ISO 27001, SOC1 and SOC2 certified)
Data encryption in transit using TLS 1.2+
Data encrypted at rest using AES 256-bit encryption algorithm
Business continuity plan including disaster recovery and data backups
Application security
Customizable login method: support for SSO login (Google, Azure AD, Okta, etc.), enterprise SSO (SAML) and MFA for password login
Control user and API keys access
Immutable audit trail to capture user interactions
Role-based access control
On-premise data storage
Constant vulnerability scanning and regular penetration testing


