Security & Compliance

Security & Privacy

At Mesoica, we prioritize security and data protection. We've implemented all essential processes to adhere to data protection and privacy laws.

ISO 27001

GDPR

ISO 27001 Certification

Your data is secure with Mesoica. We are ISO 27001 certified, the global standard for information security. This certification ensures that your data entrusted to Mesoica is safeguarded by robust security measures and is safe from hackers.

GDPR Compliance

The General Data Protection Regulation (GDPR) is a comprehensive set of data protection regulations enforced in the European Union (EU). Any application that handles personal data of EU citizens must comply with GDPR standards.

Mesoica is committed to GDPR compliance. We are headquartered in the Netherlands, and all of our data sub-processors are also EU-based. No data sent to Mesoica is handled outside of the EU's stringent data protection framework.

Compliance

Our approach to security

Information security is deeply integrated into our daily process. As such, we've taken comprehensive measures to ensure your data is safeguarded, such as regular penetration testing, backup testing, monitoring security advisories, and adding support for single sign-on.

Penetration test: We conduct regular penetration testing exercises as part of our ISO 27001 certification, across all of our production development and test environments. These simulated cyberattacks enable us to identify and proactively remedy any discovered vulnerabilities.
Single Sign On: Easily integrate with your existing user authentication such as Active Directory or Google Accounts. This allows users to quick and secure access our platform without the need for less secure additional accounts. No more passwords scribbled on Post-it notes!
Automated testing: Our code undergoes regular rigorous automated testing. This comprehensive testing process safeguards the integrity of our software, guaranteeing its reliability and stability across all functionalities.
Compliance automation: We've embraced Sprinto as our continuous compliance platform, allowing us to maintain constant vigilance over our security posture. Sprinto serves as a sentinel, swiftly alerting us to any deviations or potential compliance issues.
Dependency monitoring: All software libraries and dependencies are scanned and monitored daily. Upon publication of security advisories we will be alerted and will apply patches within SLA's as dictated by the relevant security frameworks.
Backups: Your data is continuously backed up. These backups are stored offsite to geographically diverse locations at least once a day, providing additional protection in case of any local disruption of service.