The security of your personal data is a top priority at Evolisa.
We know that what you share with us involves your health, your goals, and your well-being β and we take that seriously. Thatβs why weβve built Evolisa on secure infrastructure, with systems and practices aligned to the highest privacy and data protection standards. Below, youβll find how we protect your data β and what you can do to stay safe too.
π‘οΈ How Evolisa protects your data
β Legal compliance
Evolisa complies with the EU General Data Protection Regulation (GDPR) and other applicable privacy regulations. Your data is never sold or shared for commercial purposes.
π Independent security reviews
We perform regular audits with external cybersecurity experts to ensure the ongoing protection of all user information handled by our AI platform.
π₯οΈ Infrastructure security
All data is hosted on secure European servers, protected by encryption and automatic backups. We use certified cloud providers (e.g., AWS, Hetzner) compliant with ISO 27001, SOC 2, and SOC 3 standards.
π Encryption
All data β in transit and at rest β is encrypted to preserve confidentiality. Communication between your device and our servers is secured using HTTPS with Transport Layer Security (TLS).
𧱠Isolated and secure environments
Our production system is separated from development and testing environments, ensuring that the live app remains secure, reliable, and unaffected by ongoing updates or experiments.
π³ Secure payments
All paid plans (Base, Premium, Pro) are processed exclusively via certified payment platforms like Paypal, ensuring secure and encrypted transactions.
π§ Responsible AI
Evolisa does not diagnose or make medical decisions. All suggestions are educational and personalized based on your metabolic profile.
Every interaction with our AI is encrypted and stored securely, and never used for marketing or profiling.
π Backups & monitoring
We perform daily incremental and weekly full backups of our database systems β all encrypted. Our infrastructure is monitored 24/7, with automated alerts for abnormal activity to ensure system integrity and availability.
π§ͺ Vulnerability testing
We regularly perform vulnerability and penetration tests, including web application scans, to detect and address any potential security flaws before they impact users.
π Traffic management & performance
We use services like Cloudflare (or equivalents) to block malicious traffic, balance server load, and optimize speed worldwide. Wherever you are, Evolisa stays fast and secure.
π¨ Incident response & data breach notifications
We have a clear internal procedure for handling security incidents and data breaches, in full compliance with international data protection laws. Should a critical event occur, users will be notified promptly as required by GDPR.
𧬠A culture of security
All Evolisa collaborators and partners undergo regular data protection and cybersecurity training. Security is embedded in our company culture and reflected in every system and feature we build.
π© Security contact
If you have questions or concerns regarding Evolisaβs security or privacy practices, you can contact us anytime:
π§ privacy@evolisa.app