Your data security is our top priority. That’s why all your data are stored in Switzerland in ISO 27001 certified data centers.
The SOC 2 Type II audit is an industry-recognized security certification for software-as-a-service (SaaS) companies. It validates that your data is secure, safe, and controlled with WEDO. The 6-month long audit involved a thorough analysis of our controls, the tests we perform to assess their effectiveness, and the results of those tests.
Our hosting providers and datacenters hold the following certifications
WEDO is hosted on Exoscale, a hosting provider based in Switzerland. The datacenters are located in Zürich (ZH). They are ISO/IEC 27001 (Information security management systems) certified. For more information: exoscale.com.
The database is replicated in real time on a different server. In case of failure of the primary database, the replica is used. A full database backup is done once a day. We keep the backups from the last seven days and the last four fridays. To protect against datacenter failure, backups are transfered to a different geographical location.
Every change in WEDO code goes throught a serie of automatic tests. Then, manual testing is done. If no problems are found, the code is published to production. To avoid mistakes, different static analysis tools are used during the development life cylce.
Yes. We use automation for regular vulnerability tests of the product code before release to production. We also perform annual Full Penetration Testing by an external specialized Penetration Testing Company. Prospects and customers may receive a copy of the penetration testing report upon signing a Non Disclosure Agreement with us.
WEDO uses HTTPS protocol everywhere. The Hypertext Transfer Protocol Secure (HTTPS) is an authentication of the accessed website and protection of the privacy and integrity of the exchanged data while in transit. It protects against man-in-the-middle attacks.
We enforce a certain level of password complexity. Every password must be at least 8 characters long and contain: one lowercase, one number and one special character. Every password is stored in the database in the form of a bcrypt hash using a salt and several iterations. If a user forgets his password, he can reset it with a link sent to his email address.
Legaly your data belongs to you. You can export them at any time directly from the platform in standard formats (PDF, XLSX or CSV). If you don’t renew your contract, we guarantee you enough time to access the platform to export your data.
We guarantee an availability of 99.9% of the platform.
The monthly availability is computed with the following formula:
If our availability is under the threshold, the downtime will be credited to your subscription duration.
WEDO is a Swiss based startup, the main office is in Fribourg (FR) and the datacenters are located in Zürich (ZH).