Your data security is our top priority. That’s why all your data are stored in Switzerland in ISO 27001 certified data centers.

Virtual private cloud​

  • Hosted in ISO 27001 certified data centers
  • Hosted in Switzerland
  • Highly secure cloud-based SaaS offering


  • Multi-layer tenant data segregation
  • Each tenant accessed from a separate subdomain


  • HTTPS with TLS is used on all pages
  • The certificate was generated using a 2048-Bit private key
  • All data is encrypted during transit


  • Data is replicated in real time on a different server
  • Full database backup once a day
  • Backups are encrypted using an RSA key
  • Geographically redundant backups

High availability

  • Monitored on
  • Incidents reported on our status page
  • Contractually binding 99.9% availability

Customer controls access

  • Role-based permissions via Admin Dashboard
  • Two-factor authentication (2FA)
  • Integrates with your existing Identity Management
  • SAML 2.0 interface for Single Sign-On & Active Directory


Security is an integral part of our DNA, both in our products and in our internal processes.

The SOC 2 Type II audit is an industry-recognized security certification for software-as-a-service (SaaS) companies. It validates that your data is secure, safe, and controlled with WEDO. The 6-month long audit involved a thorough analysis of our controls, the tests we perform to assess their effectiveness, and the results of those tests.

Secure and compliant hosting

Our hosting providers and datacenters hold the following certifications

Frequently Asked Questions

Is the data located in Switzerland?

WEDO is hosted on Exoscale, a hosting provider based in Switzerland. The datacenters are located in Zürich (ZH). They are ISO/IEC 27001 (Information security management systems) certified. For more information:

What is your backup policy?

The database is replicated in real time on a different server. In case of failure of the primary database, the replica is used. A full database backup is done once a day. We keep the backups from the last seven days and the last four fridays. To protect against datacenter failure, backups are transfered to a different geographical location.

What is your development life cycle?

Every change in WEDO code goes throught a serie of automatic tests. Then, manual testing is done. If no problems are found, the code is published to production. To avoid mistakes, different static analysis tools are used during the development life cylce.

Do you perform regular vulnerability and penetration testing?

Yes. We use automation for regular vulnerability tests of the product code before release to production. We also perform annual Full Penetration Testing by an external specialized Penetration Testing Company. Prospects and customers may receive a copy of the penetration testing report upon signing a Non Disclosure Agreement with us.

Do you use the HTTPS protocol?

WEDO uses HTTPS protocol everywhere. The Hypertext Transfer Protocol Secure (HTTPS) is an authentication of the accessed website and protection of the privacy and integrity of the exchanged data while in transit. It protects against man-in-the-middle attacks. 

How are passwords stored?

We enforce a certain level of password complexity. Every password must be at least 8 characters long and contain: one lowercase, one number and one special character. Every password is stored in the database in the form of a bcrypt hash using a salt and several iterations. If a user forgets his password, he can reset it with a link sent to his email address.

Do you support Two-factor Authentication?

You can enable Two-factor Authentication (2FA) to add an extra layer of security for your account. When enabled, 2FA requires an extra passcode when loggin in. This extra passcode is store in an app on your phone and is regenerated every 30 seconds. This makes things much harder for potential attackers, as they would not only need your username and password, but also be in possession of your 2FA device.

Can I export my data?

Legaly your data belongs to you. You can export them at any time directly from the platform in standard formats (PDF, XLSX or CSV). If you don’t renew your contract, we guarantee you enough time to access the platform to export your data. 

How is your Service Level Agreement calculated?

We guarantee an availability of 99.9% of the platform.

The monthly availability is computed with the following formula:


  • T = total number of minutes in the month
  • D = total number of unplanned downtime minutes in the month
  • M = total number of planned maintenance minutes in the month

If our availability is under the threshold, the downtime will be credited to your subscription duration.

WEDO is 100% Swiss

WEDO is a Swiss based startup, the main office is in Fribourg (FR) and the datacenters are located in Zürich (ZH).