Isurdan

Enterprise-grade security

Your workforce data deserves the highest level of protection. Isurdan is built with security and privacy at every layer — not bolted on as an afterthought.

Encryption

AES-256 encryption at rest for all stored data. TLS 1.3 for all data in transit. Database connections encrypted end-to-end.

Secure Data Residency

All data hosted in European data centres (London region) with GDPR-grade safeguards. Enterprise-level data protection trusted by companies across Europe, the Middle East, and North America.

Access Controls

Role-based access control (RBAC) with 6+ configurable roles. SSO/SAML integration. MFA enforcement available. Principle of least privilege throughout.

GDPR by Design

Privacy-first architecture. Data subject request workflows. Automated breach notification system with 72-hour tracking. Records of processing activities (ROPA).

Infrastructure

Enterprise cloud infrastructure with automated database backups and point-in-time recovery. DDoS protection and origin verification. Container-based deployments with automated security scanning.

Audit Logging

Immutable audit log with cryptographic hash chain. Every data access, modification, and admin action is recorded. Tamper-evident and exportable for compliance.

AI Data Handling

AI features process data in-session only. Your data is never used for model training. No third-party data sharing. AI outputs are decision-support tools, not replacements for judgement.

Continuous Monitoring

Segregated environments, change management, and continuous monitoring are built in from day one. Automated security scanning and vulnerability detection across all services.

Our commitments

No third-party data sharing

Your data is yours. We never sell, share, or monetize customer data. Our business model is software subscriptions, not data brokerage.

Transparent sub-processors

We maintain a public list of sub-processors. Customers are notified before any changes. Our DPA covers all processing activities.

Responsible AI

AI features are opt-in and transparent. We explain what data is used, how insights are generated, and your data never trains external models.

Security questions?

We're happy to discuss our security practices in detail, share our DPA, or answer security questionnaires for your procurement process.

Contact Us View DPA

Or email us directly: [email protected]