Security

At Kombiner, security and data protection are fundamental to how we design, build, and operate our platform.

We continuously work to ensure that customer data is handled securely, confidentially, and in accordance with applicable data protection laws.

Infrastructure

Kombiner is hosted on secure cloud infrastructure provided by Google Cloud Platform (Firebase).

This provides:

  • Enterprise-grade physical security
  • Redundant data centers
  • High availability architecture
  • Continuous infrastructure monitoring

Data is stored in professionally managed, secure data environments.

Encryption

We use industry-standard encryption to protect data:

  • All data in transit is encrypted using HTTPS/TLS
  • Platform communication is encrypted end-to-end
  • Secure authentication mechanisms protect account access

Access Control

Access to systems and customer data is strictly controlled through:

  • Role-based access controls
  • Authentication safeguards
  • Principle of least privilege
  • Secure development practices

Internal access to production environments is limited to authorized personnel only.

Data Protection & GDPR

Kombiner is built to support GDPR compliance.

  • Customers act as Data Controllers
  • Kombiner acts as Data Processor
  • A Data Processing Agreement (DPA) is included in our Terms
  • Customers can define retention policies within the platform
  • Data export and deletion options are supported

Monitoring & Logging

We maintain logging and monitoring systems designed to:

  • Detect unusual activity
  • Identify potential security incidents
  • Support auditability

Security events are investigated promptly.

Sub-Processors

We use trusted third-party providers such as:

  • Google Cloud / Firebase
  • SendGrid (email delivery)

All sub-processors are bound by data processing agreements and appropriate safeguards.

A full list is available at the sub-processors page.

Incident Response

In the event of a security incident affecting personal data:

  • Customers are notified without undue delay
  • Relevant information is provided
  • We support customers in meeting regulatory obligations

Responsible Disclosure

If you believe you have identified a security vulnerability, please contact: support@kombiner.com

We appreciate responsible disclosure and will investigate promptly.

Last updated 23. February 2026