Security at Noodle Box
We take the security of your data seriously. From the moment information enters our platform to the moment it is retrieved, we apply multiple layers of protection to keep your business data safe, private, and available.
Data Encryption
All data is encrypted in transit using TLS 1.2 or higher. Data at rest is protected with AES-256 encryption using AWS KMS with HSM-backed encryption keys, ensuring your information is unreadable to unauthorised parties at every stage.
Infrastructure
Our platform is hosted on Amazon Web Services (AWS) in Swiss and EU data centers, benefiting from world-class physical security, redundant power and networking, and strict data residency controls aligned with Swiss and European regulations.
Access Control
Access to your workspace is governed by role-based access control (RBAC), allowing you to grant the right permissions to the right people. Two-factor authentication (2FA) and single sign-on (SSO) are supported for all accounts.
Compliance
Noodle Box is built to comply with the EU General Data Protection Regulation (GDPR) and the Swiss Federal Act on Data Protection (FADP). We maintain data processing agreements and support your compliance obligations as a data controller.
Incident Response
We operate continuous monitoring across our infrastructure to detect anomalies in real time. Our incident response procedures define clear escalation paths, containment steps, and notification timelines so issues are addressed promptly and transparently.
Regular Audits
We conduct regular security assessments, including vulnerability scanning and code reviews, to proactively identify and remediate risks. Our security posture is continuously evaluated and improved as our platform evolves.
Report a security concern
If you believe you have found a security vulnerability or have a concern about how we handle your data, please contact our security team directly at . We take every report seriously and will respond promptly.