Best conditions for your company

Support & availability

Support & availability

We take full responsibility that heylogin works for you and your employees.

Highest server standards

Highest server standards

Our server architecture allows us to respond to unexpected failures in the shortest possible time.

Secure encryption

Secure encryption

Using the latest cryptography, we can guarantee your data is safe from hackers.

Modern development

Modern development

We believe high quality assurance can be achieved by using modern methods of software development.

Our compliance in detail

FreeCompliance Whitepaper

Whitepaper

Contract details

Availability

Availability

Our architecture ensures 99.9% annual average availability.

Capacity

Capacity

heylogin has no limits. We reserve at least 500MB of storage per organization.

Termination

Termination

Depending on the contract period you can cancel the contract at the next month or yearly. After cancellation, stored logins are exportable for at least 30 days.

Support

Support

Depending on the contract, 9/5 support by email and 9/5 support by phone is assured.

Operations

Server locations

Server locations

The heylogin production environment is in Nürnberg, the standby server is in Falkenstein, backups are stored separately in Frankfurt. All data centers are ISO-27001 certified.

Reliability

Reliability

Within a restart time of max. 30 minutes the standby server can be converted to a production environment. No data loss occurs in this case.

Monitoring

Monitoring

The heylogin production environment is monitored by a monitoring system every minute. In case of failures and anomalies, notifications are sent and logged.

Incident response

Incident response

There is always a staff member on standby to intervene in case of anomalies.

Software development

Documentation

Documentation

The architecture of heylogin is documented and available for all employees. We are working on a whitepaper which will publicly present our architecture in the future.

Error handling

Error handling

Errors in heylogin components are sent to a tracking system. The message contains only necessary diagnostic data and a pseudonymized ID, but never content data.

Quality assurance

Quality assurance

heylogin is secured by an automated test suite. This includes correctness and compatibility of code changes.

Cryptography

End-to-end encryption

End-to-end encryption

All data is end-to-end encrypted using the smartphone hardware and thus cannot be viewed by us as the operator. The implemented cryptographic algorithms are Curve25519, XSalsa20 and Poly1305.

End-to-end authentication

End-to-end authentication

All devices are authenticated 'out-of-band', either by a QR code that initiates a Diffie-Hellman key exchange, or by a hash-commitment protocol using Short Authentication Strings.

Transport encryption

Transport encryption

TLS 1.2 and 1.3 are used and enforced with HSTS.

Backup encryption

Backup encryption

Backups are encrypted with ChaCha20 and protected against modification with Poly1305.

FreeCompliance Whitepaper

Whitepaper

Additional requirements?

Feel free to contact us!

Dr. Dominik Schürmann, CEO heylogin GmbH

Dr. Dominik Schürmann, CEO heylogin GmbH

+49 531 22435119 hey@heylogin.com