Enterprise-grade security built on Swiss infrastructure. Your data is protected by industry-leading encryption and strict access controls.
All data hosted exclusively in Geneva, Switzerland. Protected by Swiss privacy laws, not subject to US CLOUD Act.
TLS 1.3 in transit, AES-256 at rest. All database content, backups, and files are fully encrypted.
Row-Level Security (RLS) enforced on all tables. Schema-based isolation prevents cross-tenant data access.
MFA required for all accounts. Role-based access control (RBAC) with principle of least privilege.
Comprehensive audit trails for all administrative actions. 1-year retention for compliance.
Point-in-time recovery up to 30 days. Automated backups with off-site replication in Switzerland.
We maintain rigorous compliance standards to protect your data and meet regulatory requirements.
Controls implemented, audit Q2 2026
EU data protection compliant
Swiss Federal Data Protection Act
Submitted to browser preload lists
All Vaultbrix services implement comprehensive HTTP security headers.
| Header | Status |
|---|---|
| Strict-Transport-Security | HSTS with preload |
| Content-Security-Policy | Strict CSP enabled |
| X-Frame-Options | DENY (clickjacking protection) |
| X-Content-Type-Options | nosniff |
| Permissions-Policy | Restrictive policy |
| Referrer-Policy | strict-origin-when-cross-origin |
We use a limited set of trusted service providers, all bound by strict data protection agreements.
View Sub-processorsAccess our security and compliance documentation.
Our security team is available to answer your questions and provide additional documentation for enterprise customers.