Infrastructure Features
Hetzner Cloud
Hetzner Online GmbH is ISO 27001-certified and operates its own data centers in Germany and Finland. Chosen for their track record on privacy, data sovereignty, and compliance with EU regulations.
Nuremberg, Germany
Primary data center in Falkenstein, Germany — inside the EU with strict German data protection laws (BDSG) in addition to GDPR. Physical access restricted to authorized personnel with 24/7 monitoring.
Automated Backups
Automated daily snapshots with 30-day retention for database and configuration data. Backup integrity is verified on every restore test. No customer document content is ever stored after processing.
99.9% Uptime
99.9% uptime SLA backed by redundant network links, RAID storage, and automated failover. Health checks run every 5 minutes with automatic service restart on failure.
Security Measures
Network Security
- UFW firewall with strict allowlist rules — only ports 80, 443, and SSH open
- fail2ban intrusion prevention with automatic IP blocking after failed attempts
- Rate limiting on all API endpoints to prevent abuse and brute-force attacks
- DDoS protection via Hetzner Cloud network filtering at datacenter level
Application Security
- TLS 1.3 preferred, TLS 1.2 minimum — older protocols disabled entirely
- Security headers: HSTS (1-year max-age), CSP, X-Frame-Options, CORP
- Automated dependency updates via Dependabot with weekly security scans
- Principle of least privilege: each service runs as its own non-root system user