Security & Trust
(Cloud & On-Premises Solutions)
Summary
| Area | Measure | Status / Implementation |
|---|---|---|
| Data transmission | TLS encryption | SSL/TLS 1.3, 256-bit keys, ECDSA signatures. |
| Authentication | Password hashing | Argon2 algorithm. Passwords are never stored in plain text. |
| Database | Network access | No direct internet connection; access only via the application layer. |
| Operations (Cloud) | Hosting location | Germany (EU legal jurisdiction). |
| | Hosting certification | ISO 9001, ISO 27001, ISO 27701. |
| | Backups | Commitment to regular, encrypted database backups. |
| Access control | Role model (RBAC) | Strict separation between administrator and user privileges. |
| | Logging / audit | Logging of all login attempts and access to sensitive data. |
| Data protection | GDPR compliance | Right to erasure / data portability; anonymous use possible. |
At WeCare, security is a fundamental principle of our platform architecture. We are committed to protecting user data through a multi-layered security approach and to ensuring full compliance with the GDPR and high European data protection standards. Our infrastructure and processes are designed to provide robust security and reliability for both our cloud and on-premises customers.
Application & Data Security (Cloud)
Encryption in transit: All data transmitted between the platform and its users is protected by strong encryption (SSL/TLS 1.3, 256-bit keys, ECDSA signatures).
Encryption of data at rest: Personal data is also protected at rest by strong encryption (AES-256).
Passwords: All user passwords are protected by a secure hashing algorithm (Argon2) and are never stored in plain text.
Data location: All cloud data is stored exclusively in ISO-certified data centres in the EU.
Operational Security (Cloud)
Backups: We commit to performing regular backups of all cloud data.
Monitoring & logging: Security-relevant activities, including access to sensitive personal data (e.g. email addresses), are continuously logged.
Service availability: Our cloud platform is designed for fault tolerance to ensure consistent availability.
Identity & Access Management
Role-based access control (RBAC): The platform uses a clear role separation model. Administrative functions and access to sensitive data are strictly limited to authorised administrator accounts.
Hosting by Certified Partners (Cloud)
For hosting our cloud services, we rely on EU-based service providers (Germany) certified in accordance with ISO 27001 (information security) and ISO 27701 (privacy information management).