How are data protection and data security handled in cleaning software?

Data protection and security in cleaning software depend on three factors: (1) hosting location (ideally in the EU / Germany for GDPR compliance), (2) encryption of data in transit and at rest, (3) role-based access control with audit trail. LiteLog hosts in Frankfurt, Germany, encrypts all data transfers (TLS) and at rest, and offers role-based access — so only authorised personnel see personal data of cleaning staff and client information.

Can I sign a data-processing agreement (DPA)?

Yes. If required, you can sign a DPA with us. Please contact us at info@litelog.de.

How do I handle GDPR data access or deletion requests?

Please send your request to info@litelog.de.

Is GDPR-compliant logging of security patrols possible?

Yes. LiteLog logs every patrol with time, location, and person — data-minimal and without permanent location tracking of staff. The GPS position is captured only at the moment of the scan. Data is stored encrypted in Germany, and access is governed by roles. This meets both proof obligations and data protection.

Data Security & GDPR-Compliant Hosting

Data Security

LiteLog stores all data exclusively in Frankfurt (Germany), protects it with end-to-end encryption, and guarantees 99.99 % availability. Daily backups and audited compliance standards (including SOC 2 Type II and GDPR) shield you from data loss and legal risks.

Why data security is essential for LiteLog

As a platform for process and time documentation, LiteLog processes personal, location, and performance data. An uncompromising security concept ensures legal compliance, high availability, and your customers’ trust.

1 Hosting location: Frankfurt / Germany

LiteLog runs on german Servers (Frankfurt). Production and backup data never leave Germany and are directly subject to the BDSG and the GDPR.

2 Encryption

Layer	Technology	Purpose
In transit	TLS 1.2 / 1.3	Protects against eavesdropping and tampering
At rest	Full-disk encryption	No access even in case of hardware theft
Backups	Encrypted snapshots	Restore without exporting data

Passwords are hashed with bcrypt. Sensitive tokens are additionally protected with AES-256.

3 Application security

Role-based access control – granular permissions per module
Strong password policies & reCAPTCHA protection
Session time-outs & device binding for mobile logins
Audit logs – every critical action is traceable
Regular penetration tests by independent specialists

4 Redundancy & backups

Automated snapshots at least once daily (up to 3× on higher plans)
Retention: 30 days + 11 monthly roll-ups
RPO / RTO: ≤ 24 h / ≤ 4 h
Multiple copies within the Frankfurt cluster

5 Compliance & audits

SOC 2 Type II – international standard for security and availability controls
PCI DSS Level 1 – secure credit-card processing (for payment features)
GDPR / BDSG – data-processing agreement (DPA) available

All certifications apply to the Platform.sh layer and are fully inherited by LiteLog.

6 Availability & DDoS protection

99.99 % SLA on production environments
Auto-scaling during traffic peaks
Layer 3–7 DDoS mitigation (optional add-on)

Download privacy document (PDF)