Security and Compliance
Security and compliance are top priorities for Nanitor. We are committed to securing the data hosted within our software, eliminating vulnerabilities, and ensuring the continuity of operations. Nanitor uses a variety of technologies and services to secure the data from unauthorized access and keep the software up and running at all times.
ISMS
Nanitor has implemented a certified Information Security Management System (ISMS) that meets the requirements of ISO 27001. Our ISMS reflects our dedication to safeguarding the confidentiality, integrity, and availability of information. Additionally, our ISMS enables us to effectively manage and continually enhance our information security practices and processes.
Our approach to managing sensitive company information is systematic, encompassing people, processes, and IT systems, and is founded on a thorough risk management framework. This framework consists of policies, procedures, guidelines, and standards that are applied and maintained to ensure that our information is protected in accordance with recognized best practices. We subject our ISMS to regular assessments and audits to verify compliance and identify potential vulnerabilities.
The implementation of an ISMS equips an organization with the necessary tools to protect against a wide range of security threats, including cyber-attacks, data breaches, and loss or disclosure of sensitive information. Additionally, it provides organizations with the means to meet regulatory and compliance requirements. In summary, an ISMS represents a comprehensive and structured approach to managing and securing sensitive company information, providing customers with the assurance that their information is handled with the utmost care and protection.
You can find a copy of our ISO 27001 certification PDF here.
Legal and Compliance
We value your trust and privacy, and we want to be transparent about how we collect, use, and protect your personal information. That’s why we have a Terms of Service and a Privacy Policy that you can read and agree to before using our service.
Our Terms of Service explain the rules and conditions that you must follow when using our services, such as your rights and responsibilities, our limitations of liability, our warranty disclaimers, our dispute resolution process and more.
Our Privacy Policy explains what information we collect from you and why, how we use it to provide and improve our service, with whom we share it, and how we safeguard it. It also explains your choices and rights regarding your information, such as how you can access, update or delete it.
We encourage you to read both documents carefully and contact us if you have any questions. By using our service, you agree to be bound by our Terms of Service and Privacy Policy. Additionally, we have a Data Processing Agreement that you can request by sending us an email to [email protected].
Business Continuity and Disaster Recovery
High Availability
Our data centers have a secure infrastructure with automatic DDoS protections in place. On top of that, we use security measures from our DNS provider. We monitor the availability of all of our servers to identify failures in the infrastructure quickly.
Business Continuity
Nanitor keeps daily encrypted backups. The encrypted backups are stored in a different data center than the original data. While never expected, in the case of production data loss, we will restore organizational data from these backups.
Disaster Recovery
In the event of a region-wide outage, Nanitor will deploy an environment in a different part of Europe. If our main cloud service provider experiences full downtime, we will migrate all servers to another cloud provider.