Security

Last updated: February 2025

Scope. This page describes security in two contexts: (1) this website (the marketing site) and (2) the SaaS Tracker product (the analytics platform we offer to customers).

This website

This is a static marketing site. We do not run login or payment flows here. The main data we collect is via contact (email) and analytics (e.g. Google Analytics). We keep the site and any forms or integrations up to date and rely on reputable hosting. For how we handle personal data collected on the site, see our Privacy policy.

SaaS Tracker product

Security of the SaaS Tracker analytics platform is central to how we design and operate it. Below is a high-level overview; customers receive more detail in our data processing agreement (DPA) and related documentation.

Infrastructure and hosting

SaaS Tracker is hosted in the European Economic Area. We use providers that meet high security and compliance standards. Data is stored and processed within the EEA unless we have agreed otherwise with you (e.g. via standard contractual clauses for a specific sub-processor).

Data and access

The product is built so that we do not need to store personal data (such as names or email addresses) in the analytics pipeline. Identifiers are pseudonymised. Access to production systems and data is restricted, logged, and reviewed. We apply the principle of least privilege and use strong authentication where applicable.

Availability and operations

We aim for high availability and use monitoring, backups, and incident response procedures. Details (e.g. SLA, backup retention) are set out in the agreement we have with you.

Compliance and audits

We operate in line with applicable data protection law (e.g. GDPR) and, where relevant, support your compliance and audit needs. Sub-processors and security practices are described in the DPA. For specific certifications or audit reports, please contact us.

Reporting a security issue

If you believe you have found a security vulnerability in this website or in the SaaS Tracker product, please report it to us at info@secora.fi. We will acknowledge and investigate reports in good faith and, where appropriate, work with you to resolve the issue. We ask that you do not disclose the issue publicly before we have had a chance to address it.

Contact

For security-related questions: info@secora.fi.