Security & trust

We sell continuity software, so resilience and security are the product — not an afterthought. GDPR & KVKK-aligned, EU-hosted, with tenant isolation enforced in the database itself.

Tenant isolation by default

Every table carries an org boundary with Row-Level Security enforced in the database — proven with policy-level tests, not just app checks.

EU-hosted, encrypted at rest

Hosted in Frankfurt (Supabase/Postgres) with encryption at rest. Sensitive personal data is minimised and documented in our DPA.

Append-only audit log

Sensitive actions are recorded to an append-only audit trail — actor, entity, change and IP. Auditors get a read-only role to review everything.

Role-based access

Owner, Admin, Planner, Process Owner, Responder and read-only Auditor roles. Email/password sign-in today; SAML SSO + SCIM provisioning on Business.

Resilient by design

We eat our own dog food: managed Postgres with point-in-time backups, a marketing site and status page on infra independent from the app, plus a read-only break-glass mirror and offline exports so your plans stay reachable during an incident.

Your data, always exportable

Export all your plans and registers at any time — even in read-only grace mode. We never hold continuity plans hostage.

Data & privacy

Where your data lives, and how it's protected.

  • GDPR & KVKK-aligned, with Customer Data hosted in the EU (Frankfurt) and encrypted at rest.
  • A Data Processing Agreement and a current subprocessor list are published.
  • Export all your plans and registers at any time — we never hold your continuity program hostage.

Due diligence

Procurement and risk teams can self-serve, without waiting on a sales call.

  • We're happy to complete your security questionnaire and walk through our controls.
  • Request our controls overview and DPA at security@resilira.com.

Support & incident response

Response targets are explicit, not just channel names — because a continuity tool has to be reachable when it counts.

  • Starter: email support, next-business-day response.
  • Growth: priority email, same-business-day response.
  • Business: Slack Connect + onboarding, 4 business-hour response.
  • Enterprise: dedicated CSM, 1-hour Sev1 response, 24/7.
  • Break-glass: during a declared Sev1/Sev2 incident, every paid plan gets a priority escalation path.
  • And the program stays reachable even if we are not: offline PDF/DOCX exports plus a read-only break-glass mirror.