Security without compromise: how Calrissia protects your server

Security is not a feature you bolt on later. At Calrissia it sits at the top of the checklist for every customer and every project, from initial configuration to daily operations.

Illustration of a system administrator managing a VPS server in a Belgian data center

Your data stays in Belgium

Our servers are physically located in data centers in Leuven and Brussels. Your data, including all backups, never leaves Belgian soil.

That means:

  • Full GDPR compliance with no legal grey areas
  • No data sharing with vendors outside the EU
  • Full transparency about where your data lives

How we actively secure your environment

A server that is not actively monitored and maintained is a risk. Outdated software, weak access control or a missed security patch are the most common causes of data leaks and ransomware attacks… and they're almost always avoidable. We take that responsibility seriously, for every customer and every environment we manage.

Continuous patching and updates

We follow a fixed 90-day patch cycle for regular updates. For critical vulnerabilities we move faster and act proactively, without waiting for the next scheduled cycle.

Access management and 2FA

Access to the control panel is secured with two-factor authentication (2FA). We manage permissions strictly and log every access for audit purposes.

24/7 monitoring

Our infrastructure is monitored continuously. Anomalies are detected automatically and acted upon immediately, also outside of office hours. We respond proactively to incidents, before you notice them.

Encryption and secure connections

All connections to your environment use encrypted protocols. Shared web hosting plans include a free SSL certificate for HTTPS by default.

GDPR and data processing agreement

Because our servers are in Belgium, you are automatically GDPR-compliant when it comes to data storage. For businesses that need a formal data processing agreement, we draft one on request.

Frequently asked questions about security

A CVE (Common Vulnerabilities and Exposures) is a publicly reported vulnerability in software or hardware. As soon as a critical CVE that affects our infrastructure is published, we act immediately — we do not wait for the next scheduled patch cycle.
Through our 3-2-1 backup strategy with offsite copies in a separate Belgian data center. Even if your primary environment is hit, we can restore from a non-infected backup. More on our backup strategy
Yes. Get in touch and we'll draft a data processing agreement that meets the GDPR requirements together.
3 guys flying with jetpacks

Questions about the security of your environment?

Ward is happy to discuss it with you. No obligations, no sales pitch.