Your data stays in your cloud tenant — by architecture, not just policy.

Security model
All data encrypted at rest (AES-256) and in transit (TLS 1.3). Encryption keys are managed in your Azure Key Vault or AWS KMS — Daxor staff have zero access.
Role-based access control enforced at every layer. SSO via Azure AD, Okta, or Google Workspace. MFA mandatory for all privileged accounts.
Immutable audit logs for every action — who read what, when, and from where. Tamper-proof, stored separately from operational data.
Deployed in your cloud tenant — your data never leaves your VPC. Regular penetration tests by independent third parties.
Compliance
ISO 27001
CertifiedInformation Security Management
SOC 2 Type II
In ProgressSecurity & Availability
GDPR
CompliantEU Data Protection
DPDPA 2023
CompliantIndia Data Protection Act
GST / TDS
CompliantIndia Tax Compliance
Ind AS / IFRS
CompliantAccounting Standards
Incident response
| Severity | Response SLA | Examples |
|---|---|---|
| Critical | < 1 hour | Data breach, complete outage |
| High | < 4 hours | Partial outage, auth failure |
| Medium | < 24 hours | Performance degradation |
| Low | < 72 hours | UI bugs, minor feature issues |
We provide a full security pack including pen test reports, ISO certificate, and data processing agreements on request.
Request security pack