Security & trust
Trusted where the rules are strictest.
ResiliencePilot is built for organisations that get audited. The controls auditors and regulators ask about aren't add-ons here; they're the foundation.
How we protect your data
Six assurances, not a checklist.
EU data residency
Your data is hosted and processed in the EU, on Microsoft Azure (Sweden Central), and stays in-region. That matters for GDPR, DORA and NIS2.
GDPR & your DPA
We process your data as your processor, on your documented instructions, under the EU GDPR. A Data Processing Addendum is available and we support data-subject requests. Supervisory authority: Datatilsynet.
A database per tenant
Each customer's data lives in its own database, not a shared table with a tenant column, so it is never co-mingled with another organisation's.
Access you control
Enterprise SSO (SAML 2.0, OIDC and Microsoft Entra ID), multi-factor authentication, and role-based access enforced down to the action across every module.
A record you can trust
Every action is written to a tamper-evident, hash-chained audit log: each entry links to the one before it, so any change is detectable.
Responsible AI
rAIley only ever sees your own tenant's data, every interaction is audit-logged, and one switch disables all AI org-wide. It drafts; your team approves.
A record you can trust
Every action, on a tamper-evident trail.
Each entry is hash-chained to the one before it, so any change is detectable. Filter by user, action, resource or date, and export the trail your auditor asks for.
Access you control
Sign in the way your enterprise already does.
Enterprise SSO via SAML 2.0, OIDC and Microsoft Entra ID, with multi-factor authentication and role-based access enforced down to the action across every module.
Assurance, the honest version.
We build to ISO 27001 and SOC 2 controls, and formal certification is underway. For our current security posture, our sub-processor list and our Data Processing Addendum, request the security pack and we’ll walk your team through it.