Products
CRM Helpdesk Live Chat Task management Project management VoIP Knowledge base Email Email marketing Feedback Forms and surveys
More
Integrations Features Pricing Blog Contact
Log in Try for free

Security

The security of your data is our priority.

SSL Encryption

All connections encrypted with TLS 1.2/1.3.

Backups

Daily encrypted backups with 30-day retention.

GDPR

Full GDPR compliance. Data Processing Agreement available.

Infrastructure & Hosting

Amazon AWS Servers

Sugester runs on Amazon Web Services servers in the eu-west-1 region (Ireland) — within the European Union. AWS is a leading cloud platform certified with ISO 27001, SOC 2 and PCI DSS.

  • Region: EU (eu-west-1, Ireland) — data stays within the EU
  • Multi-AZ deployment — redundancy across multiple availability zones
  • Auto Scaling — automatic scaling during traffic peaks
  • CDN CloudFront — fast loading worldwide
  • RDS PostgreSQL — managed, replicated database
  • S3 with encryption — secure file storage

Data Encryption

  • Transport: TLS 1.2/1.3 — all connections HTTPS with SSL certificate
  • Data at rest: AES-256 — encryption of data in the database and on disks
  • Passwords: bcrypt — user passwords are hashed, never stored as plain text
  • API: JWT tokens with expiration date — secure API authorization
  • Emails: SMTPS/STARTTLS — outgoing mail encryption

Authentication & Access Control

  • 2FA (Two-Factor Authentication) — optional or mandatory 2FA via Google Authenticator or SMS
  • Roles & Permissions — granular control: administrator, manager, agent, read-only
  • IP Restriction — ability to restrict account access to selected IP addresses
  • Sessions — automatic logout after inactivity timeout
  • Activity Logs — full audit log of user actions in the system
  • SSO — option to integrate with your corporate SSO system (Google Workspace, Azure AD)

Monitoring & Business Continuity

  • 24/7 monitoring — automatic alerts on availability and performance anomalies
  • SLA 99.9% — guaranteed system uptime
  • Daily backups with 30-day retention and encryption
  • Disaster Recovery — system restoration plan after failure
  • Status page — public service availability report

GDPR & Personal Data Protection

Sugester is fully compliant with GDPR (General Data Protection Regulation). As the data processor for your customers' data, we sign a Data Processing Agreement (DPA).

  • Data Processing Agreement (DPA) available on request
  • Right to erasure of customer data on request
  • Data export in standard formats (CSV, JSON)
  • Processing register in accordance with Art. 30 GDPR
  • Privacy by Design — minimisation of collected data

To sign a Data Processing Agreement or ask questions about GDPR, please contact us at: [email protected]

Code & Application Security

  • Regular security audits of code and infrastructure
  • Automatic dependency scanning for vulnerabilities (CVE)
  • Penetration testing performed by external specialists
  • Responsible disclosure — vulnerability reporting program
  • Regular updates of the system and libraries