Security isn't a feature. It's the foundation.
How CAVRIX protects your data, where it's processed, and which standards we align to. Transparent, verifiable, evidenced on request.
You hand us your IT, and with it your trust. This Trust Center shows openly how we handle it: technical measures, data residency, standards, and the documents you can request.
Data residency in the EU
Processing and storage in data centers inside the European Union. No transfer to third countries without appropriate safeguards.
Encryption throughout
Encryption in transit (TLS) and at rest (AES-256). Keys are managed separately from the data.
Strict access control
Access on a least-privilege basis, with multi-factor authentication and logged, auditable permissions.
Around-the-clock monitoring
Security-relevant systems are monitored 24/7. Anomalies are detected, isolated and documented.
No use for AI training
Your data is never used to train models. It serves only to operate your services.
Clear data processing
Data-processing agreements (DPA) under Art. 28 GDPR with documented technical and organizational measures.
Our processes are aligned to these standards and frameworks. Certification and audit evidence is provided on request.
Processing in the EU
All personal data is processed within the EU, GDPR-compliant.
Purpose limitation
Data is used only to operate your IT, security and compliance, never beyond.
Deletion concept
Defined retention periods and a documented deletion process after the contract ends.
Subprocessors
Any providers we use are contractually bound and disclosed on request.
We provide these documents to vetted prospects and customers on request.
Security questions?
Our team answers security and privacy questions directly. Write to us, we reply the same business day.