Your Data is Safe

Enterprise-grade security to protect your business data. GDPR compliant. Hosted in Europe.

Encryption

• TLS 1.3 for all connections
• AES-256 encryption at rest
• Encrypted database backups
• Secure key management

Infrastructure

• Google Cloud Platform (EU)
• SOC 2 compliant hosting
• Automatic failover
• Daily encrypted backups

Privacy

• GDPR compliant
• Data stored in EU only
• No data selling, ever
• Right to erasure support

Access Control

• OAuth 2.0 authentication
• Role-based permissions
• Session management
• Audit logging

Compliance

GDPR

Full compliance with EU data protection

eIDAS

Electronic signatures legally binding in EU

ISO 27001

GCP hosting certified

Our Data Practices

What We Collect

We collect only the data necessary to provide the service: your account info, the quotes and invoices you create, and your client information. We do not collect unnecessary personal data.

How We Use It

Your data is used solely to provide Estimy services. We never sell your data to third parties. We may use anonymized, aggregated data to improve the product.

Data Retention

We retain your data as long as your account is active. Invoices are kept for 10 years as required by law. You can export or delete your data at any time.

Third-Party Processors

We use carefully vetted processors: Google Cloud (hosting), Stripe (payments), Brevo (emails). All processors are GDPR compliant and sign Data Processing Agreements.

Questions about security?

Contact our security team at [email protected]