Treffa takes security seriously. This page summarizes our practices for protecting your data and our systems.
Infrastructure
Our services run on EU-based infrastructure (e.g. Frankfurt). Data is stored within the EU. We use encryption in transit (TLS) and at rest where applicable.
Access control
Access to production systems and data is restricted, logged, and reviewed. We follow principle of least privilege and use strong authentication.
Compliance
We design for GDPR compliance and work toward ISO 27001. We implement measures to protect personal data and support your compliance obligations.
Incident response
We have processes to detect, respond to, and communicate security incidents. Affected customers will be notified in accordance with applicable law.
Contact
Security inquiries: security@treffa.eu.