<aside> 🇩🇪 The German documentation can be found here.

</aside>

<aside> 🔏 Your data’s security and privacy are Luminovo’s top priorities. If you have any comments, concerns or questions about our data security & privacy at Luminovo, please send your request to [email protected].

</aside>

🔒 Enterprise-ready security & privacy

• Germany based. Our Microsoft Azure hosting servers are located in Frankfurt, Germany.
• ISO 27001 compliant. All data hosting solutions (provided by Microsoft Azure) are fully compliant with ISO 27001 and SOC 2. Luminovo has also been ISO 27001 certified since June 2023.
• Encryption in-transit and at-rest. All data is encrypted at rest using FIPS 140-2 validated cryptographic modules and the AES 256-bit cipher. For transport layer security, we use TLS 1.2+ everywhere.
• Multi-tenant security. With a multi-tenant architecture our software ensures data separation of different customers on a database level.
• Information security officer. Data security is a top-level management priority. Our founder and managing director Timon Ruban is our information security officer.
• GDPR-compliant. As an EU-based company, we adhere to GDPR compliance.
• Backups and disaster recovery. We do automatic backups ranging from instantly to every four hours and keep the backups in zone-redundant storage for up to 7 days.
• Vulnerability protection. We use an automated security scanner on every code change to uncover any known vulnerabilities and misconfigurations in our software.
• DDoS protection. Access to our servers is protected from denial-of-service attacks using Cloudflare’s always-on DDoS protection.
• Suspicious IP throttling. We automatically protect against suspicious logins targeting too many accounts from a single IP address.
• Strong password policies. A strong password policy (disallowing the 10,000 most common passwords; disallowing personal data – like the name – and enforcing minimum length, special characters, lower- and uppercase characters and numbers in any password) make it difficult, if not improbable, for someone to guess a password through either manual or automated means.
• Multi-factor authentication. We offer the option to secure your logins with multi-factor authentication.
• Single Sign-On (SSO) and SAML. Available on Enterprise plans for secure, streamlined authentication.
• Role-based access control. Define user and admin roles for customised access permissions.

📁 Data Security & Privacy Documents

<aside> <img src="https://s3-us-west-2.amazonaws.com/secure.notion-static.com/ea1cfe02-0b20-4435-b6e8-b52707a6c06f/Untitled-1.png" alt="https://s3-us-west-2.amazonaws.com/secure.notion-static.com/ea1cfe02-0b20-4435-b6e8-b52707a6c06f/Untitled-1.png" width="40px" /> ISO 27001:2022 Certificate (🇬🇧)

View as PDF file:

Luminovo ISO 27001 2022 Certificate.pdf

</aside>