Recycly Infrastructure, Data Security, and GDPR Compliance


Our commitment to keeping your data safe and compliant

Recycly Infrastructure Resilience

  • Recycly uses a highly resilient infrastructure, utilising Kubernetes for multi-server workload distribution across multiple availability zones, and AWS RDS Multi-AZ deployments for customer data.
  • We have systems and tools in place (specifically CloudWatch and Prometheus) to monitor and alert on any infrastructure or application issues
  • We utilise infrastructure-as-code and continuous integration to ensure any infrastructure and application changes are tested in our development and testing environments before being rolled out to the production environment.
  • We have documented and tested Disaster Recovery (DR) plans in place

Data Security and Encryption

  • We host customers across multiple AWS regions, based on their location. All customers are hosted on the resilient infrastructure described above, across multiple availability zones.
  • All customer data is encrypted at rest using industry standard AES-256 encryption, using AWS Key Management Service (KMS) for management of encryption keys
  • All customer data is encrypted in transit via industry standard Transport Layer Security (TLS)
  • AWS Data Centres are some of the most secure in the world. AWS publishes comprehensive security information about their data centres, available on this link.
  • In developing our architecture, we have followed the AWS Well-Architected Framework to ensure our solution is Secure, Performant and Resilient

Data Hosting Location


RecyclyERP is hosted on Amazon Web Services (AWS) infrastructure within the Europe (Ireland) region (eu-west-1).

  • All customer data is currently stored and processed within AWS data centres located in Ireland
  • AWS data centres meet high standards for:
    • Physical security
    • Availability and redundancy
    • Compliance with international standards (including ISO 27001, SOC 1/2/3)
  • Data does not leave the EU region unless explicitly agreed or required for a specific integration
  • Provision for other regions MAY be possible upon request


API Key Storage and Management

RecyclyERP manages API keys and sensitive credentials securely using server-side controls.

  • API keys are stored server-side only and are never exposed to the browser or client-side code
  • Credentials are stored using secure system configuration parameters or environment variables
  • Access is restricted to authorised system administrators only
  • All communication involving API keys is encrypted using HTTPS

Operational principles:

  • Principle of least privilege is applied wherever possible
  • Credentials are only used where required for integrations (e.g. erasure providers, accounting systems)
  • No API keys are embedded in frontend code or accessible via user interfaces

Data Transmission Security

  • All data in transit is encrypted using HTTPS (TLS 1.2+)
  • Secure endpoints are enforced across the platform
  • No unencrypted API endpoints are exposed

Access Control

  • Role-based access control (RBAC) is enforced within RecyclyERP
  • Users can only access data relevant to their permissions
  • Administrative access is restricted and auditable

Infrastructure Security

  • Network isolation
  • Hosted on AWS with built-in:
    • Firewalls and security groups
    • Monitoring and logging

Backups and Availability

  • Regular automated backups are performed
  • Infrastructure is designed for high availability within AWS


GDPR

  • See our customer portal, here.