1. Infrastructure

VIA ERP is hosted on secure DigitalOcean servers in Europe (Frankfurt, Germany) for full GDPR compliance. Our infrastructure is protected by advanced firewalls, high-availability redundancy, and 24/7 monitoring. Company headquarters: Tunis, Tunisia.

2. Encryption

All communications are encrypted via SSL/TLS (HTTPS). Sensitive data is encrypted at rest using AES-256. Passwords are hashed with bcrypt.

3. Authentication

VIA ERP supports multi-factor authentication (MFA), secure sessions with automatic expiration, and granular role and permission management.

4. Backups

Automated encrypted backups are performed daily. Backups are retained for 30 days and can be restored on request.

5. Audit & Logging

All access and changes are logged. Audit logs are retained and accessible to administrators for full traceability.

6. Compliance

• GDPR compliance for personal data protection
• Tunisian tax compliance (19% VAT, fiscal stamp)
• Transparent data retention policy

7. Security Testing

We conduct regular security testing including vulnerability scans, code reviews, and penetration tests.

8. Vulnerability Reporting

If you discover a vulnerability, please report it responsibly to info@innoway-solutions.com.