Security Policy
Last updated: December 31, 2025
Our Commitment to Security
At LabCalibrate.com, we treat the security of your data with the highest importance. We employ comprehensive technical and organizational measures to protect your information from unauthorized access, loss, or destruction.
Security Measures
Data Encryption
Data in transit is encrypted using industry-standard TLS. Encryption at rest depends on storage provider controls; we configure industry-standard protections.
Authentication
Passwords are hashed using industry-standard algorithms. Sessions are managed via tokens with defined expiration times.
Hosting
Infrastructure hosted with industry-standard providers. Physical security depends on the hosting provider's data center controls.
Backups
Data backup frequency and retention are configured according to our operational requirements. Contact us for details.
Monitoring
We monitor key metrics and logs where operational. Alerts are configured for detected security anomalies.
Data Isolation
Each organization has an isolated database at the application level. Data is not shared between customers.
Password Protection
To increase account security, we recommend:
- Using a unique password for LabCalibrate.com
- Password should contain at least 12 characters, uppercase and lowercase letters, numbers, and special characters
- Not sharing your password with third parties
- Changing your password periodically (every 3-6 months)
Data Hosting
Your data is stored in the following locations:
- Database: Hosted with MongoDB Atlas in EU (Frankfurt, Germany)
- File storage: Cloudflare R2 with global edge locations. Files may be stored in various geographic regions for performance and redundancy.
- Application: Hosted with Hostkey in Netherlands
- Logs/analytics: Server logs stored on Hostkey (Netherlands), user analytics with PostHog (EU region)
File Storage
Uploaded files (calibration certificates, reports) are stored in Cloudflare R2 with:
- Transmission encryption (industry-standard TLS)
- Encryption at rest depends on provider controls
- File size limit: 10 MB
- File type validation before storage
Data Access
Access to user data is limited to:
- Technical personnel for troubleshooting technical issues
- Support personnel for assisting users
All access is logged where operational. Employees have access only to data necessary to perform their duties.
No Guarantee
No system is 100% secure. We implement reasonable measures to protect your data, but cannot guarantee complete protection against all threats. You are responsible for maintaining the security of your account credentials.
Reporting Incidents
If you discover a potential security issue, please report it immediately at security@labcalibrate.com or using the form on the main page.
We aim to:
- Confirm receipt within 24-48 hours
- Respond with action details within a reasonable time
- Follow responsible disclosure principles
Data Breaches
In the event of a personal data breach that poses a risk to your rights and freedoms:
- We will notify you without undue delay where required by applicable law
- We will notify relevant supervisory authorities where required by GDPR and applicable laws
- We will provide information about the nature of the breach and suggested actions
Limitation of Liability
Despite the security measures in place:
- We do not guarantee complete protection against all threats
- We are not liable for security breaches resulting from User actions
- We are not liable for disclosure by Users to third parties
Regular Reviews
Our security measures are periodically reviewed and updated, including:
- Regular software updates
- Staff security awareness training
- Security policy reviews
Compliance
We strive for compliance with:
- General Data Protection Regulation (GDPR) – EU privacy legislation
- Polish data protection laws
- Applicable data protection laws in other jurisdictions
Children's Privacy
The Service is not intended for persons under 16 years of age. We do not knowingly collect data from children. If we discover we have collected data from a child, we will delete it immediately.
Questions?
For any security-related questions, contact us at security@labcalibrate.com or use the form on the main page.
Report a Security Incident
Email security@labcalibrate.com or use the form on the main page to report potential security issues.