We have safe backups of all our systems and data. We’re keeping them in the separate safe location. Backups are tested periodically.

Data separation

Each client has its own database for 100% data separation.

High availability

Calamari is designed to ensure high availability. Every layer of the stack is equipped with mechanisms to ensure 24/7 availability.


We’re fully auditable. We’re gathering all the events from our systems. All the logs are encrypted, protected from modification and kept in the separate safe location.

Code review

Our product is developed in accordance with best software development practices. We conduct code reviews for every change to our systems.


We have a software and system update process and we’re using AWS automatic software vulnerability management tools to achieve it.

Regular pen tests

We’re running periodical vulnerability scans and pen tests.

Data encryption

Data encryption at rest and in transit.

Access management

We have a working access management process with periodical access audits and reports.

Secured data transfer

All connections between our web/mobile application and backend services are secured by HTTPS/SSL certificates. We are using SSL 256-bit, one of the strongest encryption algorithms.


We’re a cloud base company compliant with AWS Well Architected Framework. All our software and systems are compliant with the industry best practices and standards. Calamari apps are hosted in the most secure commercial data centers – Amazon Web Services. Our hosting provider is certified with ISO 27001, SOC 2, SOC 3, and more. We are GDPR compliant. We’re preparing for ISO 27001 certification this year.

Security Monitoring

We have a host intrusion detection system in place and we’re using native AWS security auditing tools (AWS Config, Cloud Trail, Security Hub, AWS Inspector etc.) We have incident response and incident management process in place. We’re using MFA for all the systems that we’re using.

Permissions & Authorization

Calamari users within an organization are assigned permissions that determine their access to information. As a result every user can be assured of confidentiality. Account roles are:

Company manager
Team manager
Direct manager
Find out more information in our Help Center
We use cookies to make our site work and also for analytics and advertising purposes. You can enable or disable optional cookies as desired. See our Privacy Policy for more details.