Security
Your business data is critical. We treat security as a core part of the product, not an afterthought.
EU infrastructure
Twinstack runs on Laravel Cloud, powered by AWS infrastructure within the European Union. AWS holds ISO 27001, SOC 1, and SOC 2 Type II certifications.
Encryption
All data in transit is encrypted using TLS 1.3. Personally identifiable information and other sensitive data is encrypted at the application level using AES-256.
Authentication
Two-factor authentication for all accounts. Role-based access controls. Every login attempt and permission change is logged in the audit trail.
Data isolation
Each customer environment is logically isolated. Your data is never accessible to other customers. API keys are scoped per environment and can be revoked instantly.
Backups and recovery
Automated daily backups with 30-day retention, stored offsite in a geographically separate location. Backups are encrypted and tested regularly.
Monitoring
Continuous monitoring for anomalies and threats. Automated alerting ensures issues are detected and addressed quickly.
Compliance
Twinstack is built with GDPR compliance at its core. We process data only within the EU, provide data export and deletion tools, and maintain data processing agreements with all third-party providers. GDPR policy and Privacy Policy.
If you discover a security vulnerability, please report it to security@twinstack.co. We take every report seriously and will respond within 48 hours.
Your questions, answered
Common questions about how we protect your data.
All data is stored on AWS infrastructure within the European Union, managed through Laravel Cloud. Backups are encrypted and kept in a geographically separate EU location.