Security

Your HR data, secure.

Swiss & EU hosting, end-to-end encryption, GDPR & FADP compliance, annual independent audits. At Illizeo, security is never optional.

99.9% Uptime SLA
AES-256 Encryption at rest
TLS 1.3+ Encryption in transit
72 h Incident notification

The 6 pillars of our security

A multilayered approach designed for the strictest HR requirements.

🇨🇭

Sovereign hosting

100% in Switzerland and the EU with ISO 27001 providers.

  • Infomaniak (Geneva)
  • European data centers
  • No US transfer without safeguards

Systematic encryption

Your data is encrypted in transit and at rest, without exception.

  • AES-256 on databases and files
  • TLS 1.3+ on every flow
  • Internal KMS, automated rotation

Zero Trust access

SSO, MFA and full logging for every access.

  • Mandatory SSO + MFA
  • Strict least-privilege RBAC
  • SIEM logs retained 30 days minimum

Isolated multi-tenancy

Your data never crosses paths with another customer’s.

  • Logical isolation by internal UUID
  • Automated integration testing
  • Dev / Test / Prod segregation

Business continuity & resilience

Automated backups, geo-redundancy, tested disaster recovery.

  • Backup every 24h, retained 30 days
  • Geo-redundant data centers EU/CH
  • DRP aligned with ISO 22301, tested annually

24/7 monitoring

Intrusion detection, real-time monitoring, on-call team.

  • HIDS on every instance
  • IDS/IPS + Threat Intelligence
  • Immediate alerts to Security engineers

Compliance & certifications

Annual independent audits, alignment with international standards.

GDPR | Art. 28 & 32, DPA available | Compliant
🇨🇭 Swiss FADP | Revised FADP 2023 in force | Compliant
ISO/IEC 27001 | Information security management | In progress
ISO/IEC 27701 | Privacy management | In progress
🇪🇺 DPF | EU-US Data Privacy Framework | Covered via providers
ePrivacy | Applicable EU directive | Compliant
SOC 2 Type II | Certified hosting providers | Indirect
🇩🇪 BSI C5 | German cloud | Indirect

Our commitments

Security isn’t just a list of certifications. It’s a daily commitment to your data and your teams.

  • Incident notification within 72h max (GDPR art. 33)
  • Independent DPO reachable at dpo@illizeo.com
  • Annual pentests by an external firm
  • Annual independent audits
  • Your data recoverable within 30 days of termination
  • No advertising, no data resale

Legal hub

Everything you need to know — accessible and transparent.

Technical and Organizational Measures

Technical detail of every security measure we apply.


Data Processing Addendum

The standard DPA we sign with our customers.


Subcontractors

Up-to-date list of third parties involved in processing.
