Our platform runs on AWS infrastructure, with robust physical and logical safeguards. These facilities are monitored 24/7, with multi‑factor access controls and surveillance, ensuring only authorized personnel can reach our systems.

On the network side, production and non‑production environments are isolated, using virtual private networks and segmented subnets, and applying strict firewall rules. This layered approach prevents unauthorized lateral movement and tightly controls traffic flow. Combined with real‑time monitoring and automated alerting, our infrastructure is designed to stay resilient against failures and intrusions.

Tight access controls are fundamental to our security model. Internally, least‑privilege principles are enforced: employees receive only the minimum access necessary for their roles, and every access request ied single‑sign‑on (SSO) solution for all internal systems. All team members sign confides reviewed, approved, and logged. Multi‑factor authentication is required via a confidentiality agreements, and undergo security training.

On the customer side, the platform offers role‑based access control (RBAC) so customers can map their own organizational roles to specific permissions. Whether you’re granting read‑only access to auditors or full admin rights to your risk and compliance teams, Duna lets you tailor user privileges down to detail.

With industry‑standard protocols data in transit is encrypted (TLS or equivalent) and data at rest is encrypted (AES‑256 or similar). Encryption keys are managed with strict controls and rotated regularly to minimize risk.

All customer data is stored in the European Union, under the full scope of GDPR. Data minimisation is enforced, clear consent processes are maintained, and tools are provided to meet data‑subject rights such as access, correction, and deletion requests. By combining strong encryption with local processing, customer data remains confidential and compliant.