How heylogin meets compliance requirements
Best conditions for your company
We take full responsibility that heylogin works for you and your employees.
Our server architecture allows us to respond to unexpected failures in the shortest possible time.
Using the latest cryptography, we can guarantee your data is safe from hackers.
We believe high quality assurance can be achieved by using modern methods of software development.
Our compliance in detail
We strive for 99.9% availability on annual average. Contractually, we guarantee 99%.
heylogin has no limits. We reserve at least 500MB of storage per organization.
Depending on the contract, 9/5 support by email and 9/5 support by phone is assured.
The heylogin production environment is in Nürnberg, the standby server is in Falkenstein, backups are stored separately in Frankfurt. All data centers are ISO-27001 certified.
Within a restart time of max. 30 minutes the standby server can be converted to a production environment. No data loss occurs in this case.
The heylogin production environment is monitored by a monitoring system every minute. In case of failures and anomalies, notifications are sent and logged.
There is always a staff member on standby to intervene in case of anomalies.
The architecture of heylogin is documented and available for all employees. We are working on a whitepaper which will publicly present our architecture in the future.
Errors in heylogin components are sent to a tracking system. The message contains only necessary diagnostic data and a pseudonymized ID, but never content data.
heylogin is secured by an automated test suite. This includes correctness and compatibility of code changes.
All data is end-to-end encrypted using the smartphone hardware and thus cannot be viewed by us as the operator. The implemented cryptographic algorithms are Curve25519, XSalsa20 and Poly1305.
All devices are authenticated 'out-of-band', either by a QR code that initiates a Diffie-Hellman key exchange, or by a hash-commitment protocol using Short Authentication Strings.
TLS 1.2 and 1.3 are used and enforced with HSTS.
Backups are encrypted with ChaCha20 and protected against modification with Poly1305.