Security

Security, access control and compliance for HORECA operations

Encryption, access control, traceability and data residency designed for multi-location environments with security and compliance requirements

EU data residency
Encryption in transit and at rest
SSO, RBAC and role-based segregation
Audit trail and access traceability
Request Technical Session
Security

Security controls and compliance

Each security layer is designed to operate in multi-location environments with audit and compliance requirements.

Granular RBAC

Access control by role, location, region and module. A location manager only sees their site. A regional director sees their perimeter.

SSO / SAML 2.0 / OAuth 2.0

Single sign-on with your corporate IdP (Azure AD, Okta, Google Workspace). No additional credentials for your team.

AES-256 encryption

Data at rest encrypted with AES-256. Keys managed with automatic rotation and audited access.

TLS 1.3

All communications encrypted with TLS 1.3. Certificate pinning available for critical integrations.

GDPR compliance

EU data residency. Right to erasure, portability and access implemented by design. Designated DPO.

Traceability and operational compliance

Complete batch, allergen and waste records. Documentation exportable for internal and third-party audits.

Need to validate compliance with your IT team? Schedule a technical session.

Request Technical Session

Security guarantees

Access control

RBAC by role, location, region and module. Complete segregation without code.

Data protection

AES-256 encryption at rest, TLS 1.3 in transit, automatic key rotation.

Traceability

Immutable log of every action: who, what, when and from where. Exportable for audits.

Compliance

GDPR, EU data residency, DPA per client and guaranteed portability.

Technical security questions

Where does my group's data reside?

In AWS eu-west-1 (Ireland), within the EU. European residency guaranteed. Controliza has a designated DPO and Data Processing Agreement (DPA) per client.

What encryption is applied to my data?

AES-256 at rest with automatic key rotation. TLS 1.3 in transit with certificate pinning available for critical integrations. End-to-end encryption without exceptions.

How is access managed?

Granular RBAC: roles by person, location, region and module. A location manager only sees their site, a regional director sees their perimeter, senior management has full visibility. Each permission is configured without code.

What logs and audit capabilities does Controliza offer?

Complete and immutable audit trail: who did what, when and from where. Logs are exportable for internal and third-party audits. Retention is configurable per client.

How do I configure SSO for my organization?

Controliza is compatible with SAML 2.0 and OAuth 2.0. Direct integration with Azure AD, Okta or Google Workspace. Your IT team configures it in minutes from the admin panel.

Can I control access by location, user and module?

Yes. Each user has permissions assigned by role, location and module. You can define that a site manager only accesses inventory for their location, while a financial controller sees consolidated purchasing across the entire chain.

Results measured in active Controliza clients.

Request a technical session

We review access controls, encryption, traceability and compliance requirements in your current architecture.

This site is protected by Google reCAPTCHA. Privacy · Terms

Financiado por Kit Digital y fondos europeos