Data Protection
Data Protection

Tooliyo is dedicated to maintaining a robust security program that incorporates technology and security measures for the organization. Please find out more details on our security concepts and security measures below.
Certified Data Centers
Tooliyo is a reliable cloud service provider that meets top security specifications, such as AWS. All of our cloud providers and the data center are ISO 27001 certified. Cloud services are hosted by the USA server.
Data Isolation
Our infrastructure and software were developed from the beginning with the idea of data isolation for our customers in mind. Every conversion is run in an isolated, separate container. It means the Tooliyo team is technically unable to be able to access the files you've uploaded. If we require access to the files to support reasons, We'll request that you manually transfer them.
Storage Security
Files are stored only to be processed and then deleted following processing. Tooliyo deliberately does not offer any permanent storage. Instead, we integrate with your trusted and existing storage system, such as Amazon S3 or many other services.
Scalability
Tooliyo automatically expands as it increases load. By separating resources, we ensure that the peak load of one customer does not affect the other customers.
Network Security
All transfers from and to Tooliyo are SSL secured. We make sure that we use modern encryption algorithms. The network is constantly monitored and connected with our cloud service provider firewalls.
Access Control
Zugang to Tooliyo website interface is controlled by two-factor authentication and access rights. Every access point is tracked and is viewed by the customer via detailed logs of activity. API authentication is based on the OAuth 2.0 standard and is restricted by access areas.
Organizational Principles
The Tooliyo staff are trained to handle your data with care. We follow documented procedures regarding Security Management, Incident Management, and Human Resources Security. We regularly conduct security training to increase our knowledge of the security process.
Development Principles
Our team adheres to industry-standard methods for building and maintaining secure infrastructure and code. This includes periodic code reviews and vulnerability testing. Our infrastructure, software, and security procedures are continually modified to reflect technological advancements.
Availability & Fault Tolerance
Our infrastructure is built in a completely redundant way and is distributed across multiple availability zones. Since the time we started in 2012, our team has learned how to provide reliable service even in the event of peak load or downtimes in the data center.
Privacy & GDPR Compliance
We're subject to the strictest European law regarding data protection, and we're committed to ensuring compliance with the General Data Protection Regulation (GDPR). If you'd like to sign a consent-based data processing contract (DPA) with us, contact us. Learn further about our privacy policies and GDPR on the Privacy Policy.