LiteLog LogoBook demo

Data Security

LiteLog stores all data exclusively in Frankfurt (Germany), protects it with end-to-end encryption, and guarantees 99.99 % availability. Daily backups and audited compliance standards (including SOC 2 Type II and GDPR) shield you from data loss and legal risks.

Why data security is essential for LiteLog

As a platform for process and time documentation, LiteLog processes personal, location, and performance data. An uncompromising security concept ensures legal compliance, high availability, and your customers’ trust.

1 Hosting location: Frankfurt / Germany

LiteLog runs on german Servers (Frankfurt). Production and backup data never leave Germany and are directly subject to the BDSG and the GDPR.

2 Encryption

LayerTechnologyPurpose
In transitTLS 1.2 / 1.3Protects against eavesdropping and tampering
At restFull-disk encryptionNo access even in case of hardware theft
BackupsEncrypted snapshotsRestore without exporting data

Passwords are hashed with bcrypt. Sensitive tokens are additionally protected with AES-256.

3 Application security

  • Role-based access control – granular permissions per module
  • Multi-factor authentication (TOTP) – optional but recommended
  • Session time-outs & device binding for mobile logins
  • Audit logs – every critical action is traceable
  • Regular penetration tests by independent specialists

4 Redundancy & backups

  • Automated snapshots at least once daily (up to 3× on higher plans)
  • Retention: 30 days + 11 monthly roll-ups
  • RPO / RTO: ≤ 24 h / ≤ 4 h
  • Multiple copies within the Frankfurt cluster

5 Compliance & audits

  • SOC 2 Type II – international standard for security and availability controls
  • PCI DSS Level 1 – secure credit-card processing (for payment features)
  • GDPR / BDSG – data-processing agreement (DPA) available

All certifications apply to the Platform.sh layer and are fully inherited by LiteLog.

6 Availability & DDoS protection

  • 99.99 % SLA on production environments
  • Auto-scaling during traffic peaks
  • Layer 3–7 DDoS mitigation (optional add-on)

7 Frequently asked questions (FAQ)

Can I sign a data-processing agreement (DPA)?

Yes. If required, you can sign a DPA with us. Please email info@litelog.de

How do I handle GDPR data access or deletion requests?

Please send your request to info@litelog.de