Compliance software must itself be trustworthy. We take security seriously and are transparent about how we protect your data.
All data hosted on Google Cloud Platform in Europe-North1 (Finland). Your compliance data never leaves EU jurisdiction.
Data encrypted in transit using TLS 1.3 and at rest using AES-256. All communications secured with HTTPS.
Built on Google Cloud Platform with enterprise security controls, automatic patching, and infrastructure monitoring.
Strict data separation between customer environments. Each tenant's data is logically isolated at the database level.
Secure authentication via Firebase Auth with JWT token verification. Support for strong passwords and session management.
Granular permissions at user, team, and tenant levels. Assign roles based on job function and need-to-know.
Comprehensive logging of all system actions. Track who did what, when, for compliance and security review.
Security-focused development practices including code review, dependency scanning, and regular security updates.
Our platform and operations align with GDPR requirements. EU data residency, clear data processing terms, and data subject rights support.
CShift operates under Swedish and EU law. Clear legal jurisdiction with strong data protection standards.
Clear data processing agreements and terms of service. We document our data handling practices for all customers.
Contact us for detailed security documentation or to discuss specific requirements.