ENTERPRISE
KMS envelope encryption
Integration with enterprise KMS providers. Envelope encryption with a per-account key, automatic rotation, audit log + compliance reports (targeting PCI DSS, SOC 2, HIPAA).
PRODUCT · ENTERPRISE SECURITY
KVKK + GDPR + Schrems III — on a single infrastructure.
KMS envelope encryption, DLP scanner, Hide-my-email, BYOS backup, SSO/SAML + SCIM, legal hold WORM archive. Audit-ready for regulatory inspection, enterprise-grade for corporate identity.
6 hardening layers
Each layer is an independent defence. Even when one layer is breached, the others hold:
ENTERPRISE
DLP (Data-Loss Prevention)
A regex-based scanner detects PII in outbound mail — national ID numbers, IBAN, credit cards, phone numbers and more — and warns or blocks. Custom rules + account policy.
ENTERPRISE
Hide-my-email
Proxy address generation: give your customers a unique alias, forwarded to the real inbox + spam cleaning. If an address is compromised, disable it with a single click.
ENTERPRISE
BYOS backup + Point-in-Time recovery
Backups are written to your own S3-compatible bucket — your data stays in your own vault. AES-256-GCM dual-layer encryption, hourly snapshots, PITR recovery to any moment you choose.
BUSINESS+ (SCIM ENTERPRISE)
SSO / SAML 2.0 + SCIM provisioning
Compatible with all enterprise IdPs via SAML 2.0. SCIM 2.0 for automatic member creation + deactivation of departing employees. Domain verification + assertion audit.
ENTERPRISE
Legal hold + custom contracts
WORM (write-once-read-many) archive — immutable, undeletable, timestamped. An audit-ready snapshot in the event of legal dispute. DPA / BAA / custom contracts included.
Compliance + audit readiness
Fully equipped for Turkey + the EU:
- KVKK Full compliance with Law No. 6698. A VERBİS assistant + KVKK contact flow are built into the panel. The 72-hour deletion-request response obligation is guaranteed.
- GDPR No cross-border data transfer; data is processed entirely within Türkiye, so GDPR Article 46 supplementary safeguards are not required. Self-service DSAR + signed customer DPA.
- Data residency All customer data is processed and stored in our data center in Türkiye. No data is transferred outside the country.
- Audit log Immutable, hash-chained audit log. Weekly integrity verification. 5-year retention.
- Anomaly detection Alerts for new device/IP/country/impossible travel. Brute-force protection. Anomaly Alert + account security policy.
- IP allowlist Restrict panel access to your company IPs. BUSINESS+.
Standard security on every plan
These features are not for the enterprise tier — they are the default for everyone:
- 2FA TOTP + backup codes (FREE)
- WebAuthn / Passkey register + step-up (FREE)
- Brute-force protection: 5 failed logins → 15-min lock (FREE)
- Session management + remote sign-out (FREE)
- Helmet + CSRF header guard + CORS (default)
- Per-account + per-IP rate limit (default)
- Disposable email block + signup velocity (default)
- Login anomaly + impersonation audit (STARTER+)
Detail pages. Separate marketing coverage for audit log + legal hold:
Audit Hash Chain · Legal Hold.
This page is prepared for enterprise contracts. For detailed security features, DPA + BAA + custom SLA samples, third-party audit report (SOC 2 Type II — planned) and KMS/BYOS technical documentation, speak with our sales team. Technical POC setup with a dedicated engineer within 2 weeks.
ENTERPRISE
Let us design an infrastructure that fits your enterprise audit.
KMS, SCIM, DLP, hide-my-email, legal hold, dedicated engineer. Configured under contract; not a self-serve flow.