Scrutare

01 · Security

Swiss-grade security for your due diligence.

Bank-level encryption · Swiss hosting · full audit trail. Compliance is not an add-on, but the platform core.

  • DSG · GDPR
  • AES-256
  • Audit trail
02 · Live Trust Center·last sync 14s ago
status.scrutare.ch — system-uptime.log

System status

  • API Gateway
    99.97%Status: Operational
  • Document Storage
    99.99%Status: Operational
  • AI Workstreams
    99.95%Status: Operational
  • Auth Provider
    99.98%Status: Operational

Certifications

  • DSG / EU-GDPRAchieved

    Since 2024

    Document
  • Pen-Test 2026 Q1Achieved

    Since 02/2026

    Document
  • ISO 27001:2022In progress

    Target Q4 2026

  • SOC 2 Type IIPlanned

    Target Q1 2027

Compliance documents

  • DPA template (Data Processing Agreement)

    EU-GDPR Art. 28 + Switzerland DSG Art. 9 compliant.

    Download

  • Sub-processors list

    Current list of all sub-processors with region.

    Download

  • Penetration test report (sanitised)

    Q1 2026 test, results + remediation.

    Request

  • Security whitepaper

    Architecture, threat model, encryption standards.

    Download

Pen-test (sanitised)

Last external penetration test: 02/2026. Sanitised report on request.

Compliance contact

compliance@scrutare.chBook appointment

03 · Roadmap

Certifications in the pipeline.

We only communicate what's actually achieved — and what's currently in progress.

  • DSG / EU-GDPR

    Achieved

    Since 2024

    Fully compliant since platform launch. DPA template available on request.

    Request document

  • Pen-Test 2026 Q1

    Achieved

    Since 02/2026

    External penetration test completed. Sanitised report on request.

    Request document

  • ISO 27001:2022

    In progress

    Target Q4 2026

    Stage-1 audit completed. Stage-2 planned for Q3 2026.

  • SOC 2 Type II

    Planned

    Target Q1 2027

    Planned audit window after ISO 27001 completion.

04 · Data residency

Data stays in Switzerland.

Primary and DR region within Switzerland. No US cloud, no EU routing for storage. Key management in Swiss HSM.

Primary region
Switzerland · Zurich (ZH1)
DR region
Switzerland · Geneva (GE1)
Backup frequency
Hourly · 30-day retention
Cross-border transfer
None — data does not leave Switzerland

05 · Audit trail

Every action. Every user. 7 years.

Four properties that distinguish our audit trail from typical activity logs.

  • Who · What · When

    Every read/write logged with user ID, document, timestamp (UTC), IP. No trail bypass — admin actions visible too.

  • 7-year retention

    Audit logs WORM-archived for 7 years (append-only, immutable). Meets FINMA and Swiss DSG retention requirements.

  • Export at the push of a button

    Complete DD audit trail exportable as signed JSON or PDF. For IC reviews, regulator inquiries, post-mortems.

  • Tamper-evident

    Each log entry is hash-chained. Manipulation visible at verification. Keys rotate quarterly.

06 · Compliance contact

Questions about security or compliance?

Direct line to our security team. No sales filter, no Tier-1 support.

compliance@scrutare.chBook appointment
Security & Compliance | Scrutare