Transparency

Infrastructure

Last updated: TODO — pending deployment

1. Datacenter Location

All customer data — repositories, issues, account records, and metadata — is hosted exclusively within the European Union. No data is stored or replicated outside the EU / EEA.

  • Primary datacenter: TODO — city, EU member state
  • Backups: TODO — EU-only backup region(s)

2. Hosting Provider

TODO: Name and registered office of the EU-based infrastructure provider acting as sub-processor (Art. 28 GDPR).

3. Software Stack

  • Git hosting: Forgejo (self-hosted)
  • Account & access layer: gitbuild.dev (Laravel application)
  • Database: PostgreSQL

4. Sub-processors

TODO: Complete list of sub-processors with role, location, and purpose. All sub-processors are located within the EU / EEA.

5. Certifications & Standards

TODO: ISO 27001, C5, or equivalent EU-recognised certifications held by the hosting provider and/or operator.

6. Uptime & Availability

TODO: Target service-level objective, maintenance windows, and incident notification policy.

7. Data Security

  • Transport encryption (TLS) for all connections
  • Passwords stored as one-way hashes (Argon/bcrypt)
  • Rate limiting and honeypot bot protection on signup
  • TODO: Encryption-at-rest, access logging, backup encryption details

TODO: This page is a structural skeleton. All entity specifics, addresses, contact details, and legal copy must be provided by the legal team before publication. No fabricated data is included.