HorusFinder
Get Started
Security & Compliance

Enterprise-grade security for your store data

We take the security of your product data seriously. HorusFinder is built on AWS with encryption, isolation, and GDPR compliance at every layer.

Data Encryption

All data is encrypted at rest using AES-256 and in transit using TLS 1.3. Search indexes, API keys, and stored product data are all protected with industry-standard encryption.

  • AES-256 encryption at rest for all stored data
  • TLS 1.3 for all data in transit
  • Encrypted search indexes per tenant
  • Secure API key hashing and rotation

Infrastructure

HorusFinder runs on AWS infrastructure in the EU (Frankfurt, eu-central-1). Each customer's search index is isolated, ensuring no data leakage between tenants.

  • AWS EU (Frankfurt) data center
  • Per-tenant isolated search indexes
  • Automated backups with point-in-time recovery
  • 99.9% uptime SLA (Enterprise plans)

GDPR Compliance

HorusFinder is fully GDPR compliant. We process only the data necessary to provide search services, and you maintain full ownership and control of your data at all times.

  • Data Processing Agreement (DPA) available
  • Right to access, rectification, and erasure
  • Data portability support
  • Data deletion within 30 days of account cancellation

Access Control

API key authentication with rate limiting protects your search endpoints. Each store gets unique credentials, and you can rotate keys at any time from your dashboard.

  • Unique API keys per store
  • Configurable rate limiting
  • Key rotation without downtime
  • IP allowlist support (Enterprise)

Data Handling

We only index the product data needed for search: titles, descriptions, prices, and attributes. No customer personal data is stored in our search indexes.

  • Only product catalog data is indexed
  • No customer personal data in search indexes
  • Data retention: active while account is active
  • Full data deletion on account cancellation

Security Practices

  • Regular security audits and penetration testing
  • Automated vulnerability scanning in CI/CD pipeline
  • Principle of least privilege for all service access
  • 24/7 infrastructure monitoring and alerting
  • Incident response plan with defined SLAs
  • Employee security training and access controls

Ready to transform your search?

Join hundreds of businesses that deliver instant, relevant search results to their users.

Get StartedTalk to Sales