Back to legal overview

Security Overview

Effective Date: 01-01-2023
Last Updated: 28-11-2025
Company: SEINō B.V., Randstad 22-15, 1316 BN Almere, The Netherlands
Contact: legal@seino.ai

At SEINō we take the security of customer data seriously. This Security Overview explains how we protect your data, how our systems are designed, and what safeguards we use every day. Our goal is simple, keep your data safe, private and available.

1. Hosting and Infrastructure

We host SEINō on trusted, certified cloud providers.

EU-only storage

All customer data is stored and processed in:

  • Google Cloud EU servers
  • Hetzner EU servers

We do not store customer data outside the European Union.

Platform architecture

SEINō runs on:

  • container-based services
  • managed databases
  • isolated environments for development and production
  • dedicated monitoring tools

Development and production systems are strictly separated.

2. Data Encryption

In transit

All data is encrypted using TLS 1.2 or higher

This applies to traffic between:

  • your ESP and SEINō
  • your browser and our platform
  • internal system components

At rest

We use AES-256 encryption

This covers databases, storage buckets, logs and backups.

3. Access Control

Principle of least privilege

Only people who need access for their work receive access.

Authentication

  • Multi-factor authentication required for all internal accounts
  • Strong password policies
  • No shared accounts
  • Automatic session timeouts

Roles and permissions

  • Access is granted based on job role
  • Sensitive operations are restricted to senior engineers
  • Access rights reviewed quarterly

4. Network Security

Cloudflare protection

We use Cloudflare to protect the SEINō platform with:

  • Web Application Firewall
  • DDoS protection
  • Rate limiting
  • HTTPS enforcement

Firewall rules

  • Only necessary ports are open
  • Databases are never publicly exposed
  • Internal services are protected with private networking

5. Logging and Monitoring

System monitoring

We continuously monitor:

  • uptime
  • performance
  • unusual traffic patterns
  • API usage
  • authentication activity

Application logging

We log:

  • errors
  • performance issues
  • system health events

Logs do not contain identifiable personal data.

Error tracking

We use Sentry to detect system errors.
All data sent to Sentry is pseudonymized.

6. Backups and Resilience

Regular backups

We create encrypted backups to ensure recovery in case of:

  • hardware failure
  • accidental deletion
  • system outage

Redundancy

We rely on Google Cloud’s built-in redundancy to ensure:

  • high availability
  • automatic failover

Disaster recovery

We maintain a documented recovery plan
and regularly test critical components.

7. Software Development Security

Secure development practices

Our development workflow includes:

  • mandatory code reviews
  • automated tests
  • continuous integration
  • static code analysis tools
  • dependency scanning

Environment isolation

  • Development environments do not contain production data
  • We never copy customer data into test environments
  • Any dataset used for testing is synthetic or anonymized unless explicit consent is given

8. Incident Response

We have a documented Incident Response Plan.

If we detect a personal data breach:

  • we investigate immediately
  • we take containment and mitigation steps
  • we notify affected customers within 72 hours

We also support customers in assessing whether notification to their data subjects is required.

9. Third-Party Security

We publish a full list of subprocessors we use:
https://www.seino.ai/legal/subprocessors

We evaluate each provider on:

  • security certifications
  • GDPR compliance
  • data location
  • contractual guarantees
  • technical controls

All subprocessors operate under a Data Processing Agreement with SEINō.

10. Customer Controls

You have full control over your data.

You can:

  • delete data
  • export your data
  • disconnect integrations
  • request permanent deletion
  • manage user roles

We only process data based on your instructions.

11. Continuous Improvement

Security is not a one-time project.
We regularly:

  • update our infrastructure
  • improve monitoring
  • review our policies
  • follow industry best practices

We stay informed about new regulations, especially GDPR and the EU AI Act,
and update our security posture accordingly.

Use Cases
Features
Resources
Product
Join our newsletter
Subscribe
Thank you!
Your submission has been received!
Oops! Something went wrong while submitting the form.
Copyright © SEINō 2025