Data Security & Privacy

The security of your data is our top priority. That’s why we use the latest security technologies and have continuously optimized all safety-themed processes.

100 GDPR compliant

The LOLYO employee app is 100 GDPR compliant. We take all measures to ensure the security of processing in accordance with Art 32 GDPR. All data processing activities are carried out exclusively within the EU or the EEA.

Architecture

LOLYO’s system architecture is designed to minimize security risks. Access to the software from Outside is restricted to the required systems only.

Encryption of data

All traffic is encrypted with SSL (protocol TLS 1.2). The key length is 2048 bit (SHA256withRSA). All passwords are hashed using the PBKDF2 method (with HMAC-SHA256, a 128-bit salt and a 256-bit subkey). This makes it impossible to extract passwords.

Data centers in Germany

As part of lolYO’s service provision, the services of a data center are rented. The headquarters and location of this data center is in Germany. The data center provides only the infrastructure and does not have access to the data. This state-of-the-art data center provides state-of-the-art security standards and 24/7 emergency support. The data center is secured as follows: access via access chip/card, alarm system secured, security service on site, smoke detector/fire alarm system, smoke extraction system, water detector as well as redundant Internet connection and DDoS protection.

System access/access

Access to the production system is limited to our core development team, which is responsible for maintenance, updates and troubleshooting.

Backups & Recovery

We perform daily backups for all relevant systems and databases. These backups are stored encrypted for up to one month.

Confidentiality agreement

Our employees have signed a confidentiality agreement and are constantly trained and sensitized on the subject of security and data protection.

Contract for order data processing

More detailed information on data protection and data security can be found in our contract for order data processing (technical and organizational measures, etc.).