Security & Compliance

Infrastructure Security

• • TLS 1.3 encryption for all data in transit
• • Data encryption at rest
• • DDoS protection and rate limiting
• • Regular security audits

Data Protection

• • GDPR compliant data handling
• • Data isolation per tenant
• • No customer data used for training
• • Regular automated backups

Access Control

• • Multi-factor authentication (MFA)
• • Role-based access control (RBAC)
• • API key authentication
• • Audit logging

Compliance

• • SOC2 Type II path
• • GDPR ready
• • On-premise deployment for regulated industries
• • Data processing agreements (DPA) available

Responsible Disclosure

If you discover a security vulnerability, please email: security@gislabs.dev