Security & TOMs

Summary of technical and organizational measures for Juxto.

Governance

Security responsibilities are assigned and reviewed regularly.

Policies cover access control, data handling, and incident response.

Access control

Access is restricted by role and least-privilege principles.

Authentication uses passkeys and OTP email verification.

Encryption

Data is encrypted in transit using TLS.

Sensitive data at rest is protected using encryption and access controls.

Data isolation & backups

Customer data is logically separated by workspace.

Backups follow rolling schedules with controlled access.

Logging & monitoring

Security logs record authentication, access events, and operational alerts.

Logs are reviewed to detect abuse and maintain service reliability.

Incident response

We maintain incident response procedures and notify customers of reportable breaches without undue delay.

Post-incident reviews drive corrective actions.

Physical & infrastructure security

Primary hosting runs on self-managed servers hosted at netcup in Nuremberg, Germany; physical access to data centers is controlled by the provider.

Subprocessors for payments and email are contractually bound to security and confidentiality obligations.

On this page

Governance Access control Encryption Data isolation & backups Logging & monitoring Incident response Physical & infrastructure security

Juxto

Security

Last updated: Jan 22, 2026