Security & Compliance

Your data never leaves your walls.

Datavera is engineered for industries where one byte on the wrong server ends the contract. This page is the technical and legal pack a Swiss compliance officer needs in their first thirty minutes.

Swiss-hosted

All processing on customer hardware or in a Swiss data centre. No US parent-company exposure under the CLOUD Act.

FADP-aligned

Designed against the revised Swiss Federal Act on Data Protection. Self-assessment template available on request.

GDPR Art. 28 ready

DPA template, ROPA entries and sub-processor list provided. No surprises in the legal review.

EU AI Act ready

Most use cases classify as limited-risk. Documentation pack included for risk classification, transparency and human oversight.

What sits behind every Datavera deployment.

Six pillars. Each one is non-negotiable. Each one ships with the documentation your audit committee will ask for.

01 · DEPLOYMENT

Where your data lives

Three deployment topologies. Same source code, same audit posture, your choice of where the metal sits.

  • On-prem appliance racked in your data centre or comms room. Fully air-gapped if you choose.
  • Swiss data centre: dedicated tenancy at Interxion ZH1, Equinix ZH4 or your nominated provider. Datavera-managed.
  • Hybrid: indexing on-prem, query plane in a Swiss data centre. Documents never cross the boundary.
  • Zero-cloud option: no outbound traffic at runtime. Updates pulled manually from a signed bundle.
02 · ENCRYPTION

Encryption & key management

Every byte at rest, every byte in transit, encrypted with keys you control.

  • AES-256 at rest. TLS 1.3 in transit. No legacy cipher fallbacks.
  • BYOK with HashiCorp Vault, AWS KMS, Azure Key Vault or your on-prem HSM.
  • Per-tenant data-encryption keys, rotated on a 90-day default schedule.
  • Datavera operators never see plaintext customer data. Process isolation enforced at the OS layer.
03 · IDENTITY

Identity & access

Single sign-on, role-based access, full audit trail. Your IAM, our enforcement.

  • SAML 2.0 and OIDC for SSO. Microsoft Entra, Okta, Keycloak supported out of the box.
  • Role-based access at user, document and field level. Inheritable from your Active Directory groups.
  • Mandatory MFA for admin roles. WebAuthn and FIDO2 supported.
  • Every privileged action logged with actor, target, before/after state and timestamp.
04 · STATELESS

Stateless processing & retention

Documents leave no trace after processing unless you ask us to keep them. You control retention; we don't.

  • Default: in-memory processing only. Document discarded after the answer is returned.
  • Optional persistent index for repeated queries. Encrypted, scoped to your tenant, deletable on demand.
  • No model training on customer data. Ever. Contractual guarantee in every DPA.
  • Right-to-erasure honoured within 24 hours, including any backups in scope.
05 · LEGAL

Swiss FADP and EU GDPR

Both regimes covered out of the box. The DPA template fits a typical Swiss legal review in under an hour.

  • FADP: privacy by design and by default. Records of processing activities scoped to your deployment.
  • GDPR Art. 28 DPA template, with Standard Contractual Clauses where data transfers occur.
  • Sub-processor list maintained, change-controlled, communicated 30 days in advance.
  • FDPIC-aligned breach notification: 72-hour internal SLA, structured incident report.
06 · AI ACT & AUDIT

EU AI Act and audit logging

Risk classification documented per use case. Audit log signed, tamper-evident, exportable to your SIEM.

  • Risk classification memo per use case, signed off by the customer's DPO.
  • Transparency by default: every answer cites the source paragraph that produced it.
  • Append-only audit log, signed and tamper-evident, exportable in syslog or OpenTelemetry.
  • Annual third-party penetration test. Critical CVE patches within 7 days for production customers.

Security & compliance FAQ

Is Datavera on-premise?
Yes. Datavera deploys on the customer's own hardware (On-Premise Starter from CHF 300 per month plus customer hardware) or in a Swiss data centre operated by Datavera (Cloud Starter from CHF 500 per month). No customer data ever traverses third-country public cloud.
Is Datavera FADP-compliant?
Yes, by design. Datavera GmbH is a Swiss legal entity. Customer personal data does not leave Switzerland in either Cloud or On-Premise deployments. Data processing agreements aligned with FADP Articles 7 and 8 are available.
What about the EU AI Act?
Datavera is positioned for customers whose use of the Document Suite falls within EU AI Act high-risk classification, entering force on August 2, 2026. Documentation, logging, human-oversight controls, and risk management are designed to align with the Act.
Does Datavera train AI models on customer data?
No. Datavera does not train third-party large language models on customer data. The Document Suite uses open-source frontier models selected per engagement. Customer data is never sent to model providers for training.
What about the US CLOUD Act?
Datavera GmbH is a Swiss legal entity, not US-parented, outside US courts' jurisdiction under the CLOUD Act. Cloud deployments run on Swiss infrastructure operated by Datavera. On-Premise deployments are inside the customer's own perimeter.
How is Datavera different from Microsoft Azure OpenAI Switzerland?
Azure OpenAI Switzerland runs in Swiss data centres but Microsoft remains a US parent reachable under the CLOUD Act. Datavera GmbH is a Swiss legal entity with Swiss-resident operators, outside US CLOUD Act jurisdiction. Datavera On-Premise puts inference inside the customer's own perimeter.
Can Datavera serve customers outside Switzerland?
Yes. Cloud Starter is Swiss-hosted but available to EU and global customers; the data stays in Switzerland. On-Premise Starter and Production deploy on the customer's hardware anywhere. GDPR Article 28 data processing agreements are available for EU customers. For US customers, Datavera GmbH operates outside the US CLOUD Act, which is often the reason they engage us.
How does Datavera handle GDPR data subject rights (access, deletion, portability)?
Standard GDPR Articles 15 to 22 rights are supported. Data export is via the Datavera admin console for Cloud customers, or direct database access for On-Premise. Deletion requests are processed within 30 days. The pilot tenant is auto-deleted on day 31 if the pilot is not converted. Full audit trail of access and modification is exportable in machine-readable format.
What encryption does Datavera use?
TLS 1.3 in transit. AES-256 at rest. Customer-managed encryption keys (CMK) are available on Production tier and air-gapped appliances. On Cloud Starter, Datavera-managed keys with separation of duties between the platform team and the storage team.
Does Datavera have ISO 27001 or SOC 2 certification?
Not yet. Datavera is working toward both but does not currently hold either certification. This security page documents the technical controls and policy alignment that ISO 27001 and SOC 2 would later audit. We do not claim certifications we do not hold.
Can Datavera integrate with our SSO (SAML, OIDC, LDAP)?
Yes. SAML 2.0 and OIDC are supported on Cloud Starter and Production tier. LDAP is available via the Production tier integration scope. Customer-side identity providers (Okta, Microsoft Entra ID, Google Workspace, Keycloak, etc.) are configured during onboarding.

Need something we haven't documented yet?

Send us your question, requirement or use case. We reply within one business day. If we cannot answer cleanly, we say so.

Ask a security question

By submitting, you agree to our privacy policy. We never sell or share your data.
Message received. We will be in touch within one business day.
What you get back
Direct reply from the engineering team, not a sales auto-responder.
Straight answer if we cannot meet a requirement. No marketing fluff.
FADP, GDPR Art. 28 and EU AI Act language ready to forward to legal.
Templates, ROPA entries and DPA on request, NDA optional.