Yes โ the platform is built to meet the requirements of public institutions and financial organizations.
- Certifications & compliance: ISO/IEC 27001 (information security management) and ISO/IEC 27701 (privacy management), with GDPR alignment for personal and program data.
- Access & protection: role-based access controls across all components, secure authentication, and protection against common threats (brute-force, XSS, SQL injection).
- Encryption: data is encrypted in transit and at rest using industry-standard methods.
- Separation: program and user data are segregated across workspaces for clear privacy boundaries.
- Operations: audit-ready logging, monitoring and incident management, periodic security assessments, controlled change management, and business-continuity / disaster-recovery procedures.
Related: Where is data hosted? ยท How information privacy works.
