Security & Privacy

Transparency about our security practices and privacy measures.

Data Handling

How we handle your data:

Encryption

TLS 1.3 for all connections, encrypted databases

Data Storage

EU hosting (Hetzner Germany), GDPR-compliant processing

Access Controls

Role-based access, 2FA for all admin accounts

Logging & Monitoring

Comprehensive audit logging, real-time monitoring of critical systems

Backup Strategy

Multi-layered backup strategy for data security:

Frequency

Daily automated backups, hourly snapshots for critical data

Retention

30-day rolling, 12 monthly snapshots

Location

Geographically separated backup locations within EU

Testing

Monthly restore tests for verification

Incident Response

Our process for security incidents:

1. Detection

Automated monitoring alerts, 24/7 availability

2. Containment

Immediate isolation of affected systems

3. Analysis

Forensic investigation, root cause analysis

4. Notification

Transparent communication with affected parties, GDPR-compliant reporting

5. Remediation

Systematic problem resolution, documentation, lessons learned

Compliance

  • GDPR compliant, ISO 27001 practices, OWASP Top 10 awareness, SOC 2 Type II principles

Status Page

Current system status and planned maintenance:

status.pixelandprocess.de

Security Contact

For security reports and questions:

security@pixelandprocess.de

PGP key available