Security
Plain-language security, written by humans.
We avoid hype and only describe what we actually do. Anything we haven't confirmed yet is clearly marked as such.
Encryption
Your data is encrypted in transit using TLS 1.3 (with fallback to TLS 1.2 where required) and at rest using AES-256-GCM.
Key management
Encryption keys are managed in AWS KMS with regular rotation. Customer-managed keys (BYOK) are available on Pro and Custom plans.
Access controls
Role-based access lets you decide who can view, restore, or delete. Available roles: Owner, Admin, Operator, and Viewer.
Infrastructure
Hosted on AWS in your chosen region — Frankfurt (eu-central-1), Dublin (eu-west-1), or N. Virginia (us-east-1) — with multi-zone redundancy.
Data minimization
We only collect what we need to deliver and support the service. See the Privacy Policy for full detail.
Backup verification
Each completed backup is verified so you know it can be restored.
Monitoring & alerts
Backup health is monitored. You're notified about failures that need attention.
Incident response
If a security incident affecting your data occurs, we will notify you without undue delay and, in any case, within 72 hours of confirmation.
What we don't claim
We don't claim to be "100% secure," "unbreakable," or "military-grade." No service can promise that. We also don't list certifications we haven't formally completed. As we add formal certifications and third-party audits, we'll publish them here.
- • Compliance certifications: none yet — SOC 2 Type II is on our roadmap and will be published here when formally completed.
- • Independent security audits: an external penetration test is planned for 2026; results will be summarised here once delivered.
- • Uptime / SLA: 99.9% monthly uptime target as a best-effort objective; contractual SLA with service credits available on Pro and Custom plans.
Start protecting your work today.
Set up your first backup in minutes. No long-term contracts.