Legal & Security
Security at RepairCMS
At RepairCMS, protecting your data is our highest priority. We employ state-of-the-art security standards and industry best practices to ensure the integrity and confidentiality of your information at all times.
1. Data Protection & Compliance (GDPR)
- GDPR Compliance: We process data in strict accordance with the European General Data Protection Regulation (GDPR).
- Server Location: Our infrastructure is hosted exclusively in ISO 27001-certified data centers within the European Union.
- Data Processing Agreement (DPA): We provide a legally compliant Data Processing Agreement (DPA) in accordance with Art. 28 GDPR for all our customers.
2. Data Transmission & Encryption
- HTTPS Encryption: All data exchanged between your browser and our servers is secured via encrypted connections (TLS/SSL).
- Encryption at Rest: All stored information is protected on our servers using modern encryption standards.
- Password Security: We never store passwords in plain text. Instead, we use strong, one-way hashing algorithms to ensure your credentials remain private.
3. Access Control & Identity Protection
- Strong Passwords & Email Validation: We enforce strict password policies and verify every registration via a confirmation email.
- Two-Factor Authentication (2FA): To provide an extra layer of security for your account, we support login via 2FA.
- Role-Based Access Control (RBAC): Our application features granular permission settings, ensuring that users only access the data they are authorized to see.
4. Infrastructure & Resilience
- Continuous Backups: We perform regular automated backups, allowing us to restore data to any point in time within the backup retention period.
- Network Security & Firewalls: Multi-layered firewalls and modern intrusion detection systems protect our network from unauthorized access.
- Audit & System Logs: Secure audit logs record security-relevant events to allow for thorough analysis if necessary.
5. Continuous Monitoring & Updates
- Vulnerability Scanning: Our applications undergo regular automated and manual security assessments.
- Automated Patch Management: We use automated systems to monitor open-source libraries for known vulnerabilities, ensuring that security patches are applied immediately.
6. Incident Management
In the event of a data breach, we have a rigorous incident response procedure in place. We commit to informing affected parties promptly and transparently. Our policy mandates an initial notification, typically within 72 hours of becoming aware of the incident.