Security & Infrastructure

Transparency on hosting, access, logging, and data protection.

Architecture Overview

[Diagram: SimpleAct – High-Level Architecture]

  • Browser / Client, connecting over HTTPS · TLS 1.3
  • Application Layer (EU): API / Backend, Auth (RBAC, 2FA), Audit-Log, Multi-Tenant
  • Data Layer · EU – Nürnberg: PostgreSQL (Supabase), Storage – Encrypted at rest, Backups (every 3 days)
  • Hetzner · Nürnberg · Data location EU · TLS in transit

RBAC = Role-Based Access Control · 2FA = Two-Factor Auth (TOTP) · Append-only Audit-Log

Hosting & Infrastructure

  • Hosting with Hetzner (Nuremberg)
  • Data location: EU
  • Automated backups every 3 days; last backup: day before yesterday.
  • Encryption at rest and in transit

Access & Authentication

  • RBAC
  • Multi-Tenancy Isolation
  • 2FA (TOTP)
  • Session invalidation

Logging & Auditability

  • Append-only audit log
  • Versioning
  • Snapshotting

Data Processing

  • GDPR-oriented
  • DPA/AV available
  • Subprocessors transparent

Security Testing

  • Last pen test: 4 days ago
  • External review: 2 weeks ago

Security Whitepaper

Detailed technical and organisational measures.

Arturs Nikitins
Security & Data Protection | SimpleAct