Skip to content
Start free trial Book a demo Log-in
Start free trial Book a demo Log-in

Keeping your data safe. Always.

 

 

Learn how we approach security, privacy, and compliance at Starhive.

SOC2 type 2

SOC 2 Type II

Starhive is SOC 2 Type II certified meaning we have adequate internal controls in place to protect our customers' data.

gdpr

GDPR

Starhive is GDPR compliant, including, but not limited to, support for data rectification, the right to be forgotten, and a comprehensive audit trail. 

image 145

EU data residency

All data resides in Sweden to ensure your data is stored and processed within the European Union.

Property 1=time (2)

Our approach to security

At Starhive, we understand that trust is earned through transparency and demonstrated commitment to security.

We've built our platform with security as a foundational principle, not an afterthought. Our comprehensive security program protects your data through rigorous processes, industry-leading standards, and continuous monitoring.

 

Revenue-sharing

Quick links

Status page   ⋅   Privacy policy    ⋅   Terms of service

Feature checklist

Our policies

Data residency & sovereignty
  • All customer data is stored exclusively in Stockholm, Sweden

  • We have full GDPR compliance with European data protection regulations

  • No cross-border data transfers outside the European Economic Area without explicit consent

Data protection

Encryption everywhere

  • All data encrypted at rest using industry-standard AES-256 encryption

  • All data encrypted in transit using TLS 1.2 or higher

  • Sensitive information and credentials managed through secure credential systems

Secure infrastructure

  • We have multi-account architecture separating development, staging, and production environments

  • Production data is completely isolated from development activities

  • We use private network architecture with network-level security controls

Infrastructure security

Private Network Architecture

  • Data runs in isolated networks with security controls

  • Only authorised services can communicate with each other

Continuous vulnerability scanning

  • We have a vulnerability scanning process of our infrastructure

  • Immutable infrastructure prevents tampering once deployed

Access Control

  • Fine-grained access policies enforce the principle of least privilege

  • Each service has only the permissions it needs

Application security

Bot protection

  • reCAPTCHA integration protects Starhive against automated attacks and abuse

Secure authentication

  • We implement a multi-service authentication framework with dedicated credentials

  • We use Google OAuth integration for secure user access

Operational security

Environment separation

  • We have strict separation between development, sandbox, and production environments

Automated security controls

  • Security policies are enforced automatically through infrastructure-as-code

  • This eliminates human error and ensures consistent protection

Backup & business continuity
We have implemented:

  • Automated daily backups with point-in-time recovery

  • Multi-zone deployment ensuring high availability

  • A comprehensive disaster recovery plan that is tested yearly

Compliance & governance

Security Standards

  • SOC 2 Type II certified for security, availability, and confidentiality

  • CIS benchmark compliance

  • GDPR compliant data processing and privacy controls

Audit & Transparency

  • Comprehensive audit logging of all system activities

  • Regular internal and external security audits

  • Transparent incident reporting and communication

Have a security or compliance question?

Get in touch and we will ensure our security experts get back to you shortly. 

Use this form to request processing agreements and information on our responsible disclosure program.

Contact us
CTA-shape-new-2

This Trust Centre content reflects Starhive's commitment to maintaining the highest standards of security, privacy, and compliance. Our security posture is continuously monitored and improved to address evolving threats and regulatory requirements.