Security & Compliance

Enterprise-grade security with 100% Swiss data residency on Microsoft Azure Switzerland

  • Swiss Hosted: Azure Switzerland
  • FADP: Swiss Law
  • GDPR: EU Compliant
  • ISO 27001: Certified
  • SOC 2: Type II
  • FINMA: Aligned

Microsoft Azure Switzerland

WalletCheck is hosted exclusively on Microsoft Azure's Swiss data centers, operational since August 2019 and trusted by thousands of Swiss organizations including banks, insurance companies, and government agencies.

Switzerland North

Zürich region — Primary data center for compute, storage, and database services

Switzerland West

Geneva region — Paired region for geo-redundant disaster recovery and backups

100% Swiss Data Residency

All customer data (databases, backups, logs, and encryption keys) remains exclusively within Switzerland. No data ever leaves Swiss borders.

100+ Azure Compliance Certifications

Microsoft Azure maintains over 100 compliance certifications globally, including ISO 27001, ISO 27017, ISO 27018, ISO 27701, SOC 1/2/3, and PCI DSS Level 1.

Customer-Managed Encryption Keys

Option to manage your own encryption keys via Azure Key Vault HSM (Hardware Security Modules) for complete cryptographic control.

99.95% Uptime SLA

Enterprise-grade availability with automated failover between Zürich and Geneva regions for disaster recovery.

Data Protection Compliance

Swiss Law

Federal Act on Data Protection (FADP)

Full compliance with Switzerland's revised Federal Act on Data Protection (FADP), which came into effect on September 1, 2023. The FADP establishes strict data protection standards comparable to the EU's GDPR.

FADP Core Principles

  • Lawfulness and good faith in processing
  • Data minimization and proportionality
  • Purpose limitation
  • Privacy by design and default

Your Rights Under FADP

  • Right to access your personal data
  • Right to rectification and erasure
  • Right to data portability
  • Right to object to processing

Financial Services

FINMA Compliance

Built to align with Swiss Financial Market Supervisory Authority (FINMA) requirements for financial institutions and intermediaries.

  • Compliant with FINMA Circular 2018/3 on outsourcing for banks and securities dealers
  • Aligned with Swiss Bankers Association (SBVg) cloud guidelines
  • Legal opinions available addressing CLOUD Act implications for Swiss data
  • Compatible with professional secrecy obligations (Article 47 Banking Act)

EU Law

General Data Protection Regulation (GDPR)

Full compliance with EU General Data Protection Regulation (GDPR) for all customers, including those processing EU citizen data. Microsoft Azure Switzerland is fully GDPR compliant.

GDPR Core Requirements

  • Privacy by design and by default
  • Data minimization principles
  • 72-hour breach notification
  • Data Protection Impact Assessments

Your Rights Under GDPR

  • Right to access and rectification
  • Right to erasure ("right to be forgotten")
  • Right to data portability
  • Right to object to processing

Certifications & Standards

Through Microsoft Azure, WalletCheck benefits from comprehensive third-party audited certifications. Microsoft undergoes annual independent audits to maintain these certifications.

ISO 27001:2022

Information Security Management System certification, valid through 2026 with annual surveillance audits.

ISO 27017

Cloud-specific security controls and implementation guidance for cloud service providers.

ISO 27018

Protection of personally identifiable information (PII) in public clouds.

SOC 1 Type II

Financial reporting controls audit by independent third parties.

SOC 2 Type II

Security, availability, processing integrity, confidentiality, and privacy controls.

SOC 3

Public trust services report on security controls.

ISO 27701

Privacy information management extending ISO 27001 for GDPR compliance.

ISO 22301

Business continuity management systems certification.

CSA STAR

Cloud Security Alliance Security, Trust, Assurance, and Risk certification.

Data Security & Encryption

Encryption at Rest

All data is encrypted at rest using AES-256 encryption. Database encryption is managed by Azure with automatic key rotation. Optional customer-managed keys via Azure Key Vault HSM for complete cryptographic control.

Encryption in Transit

All data transmission uses TLS 1.3 with perfect forward secrecy. No data is ever transmitted unencrypted. HSTS enforced on all endpoints.

Application-Level Security

Sensitive fields (passwords, API keys) use additional application-layer encryption with bcrypt/argon2 hashing algorithms. Secrets managed via Azure Key Vault with access logging.

Network Security

Private endpoints for database access. No public IP exposure for backend services. Azure DDoS Protection Standard for availability.

Access Control & Authentication

Multi-Tenant Isolation

Complete data separation between organizations at the database level. No organization can access another's data.

  • Entity-based data partitioning with database-level constraints
  • Row-level security policies enforced at query time
  • Audit logging for all data access operations

Enterprise SSO

Support for both password-based authentication and enterprise Single Sign-On.

  • Microsoft Entra ID (Azure AD) integration with multi-tenant validation
  • Tenant ID and email domain validation for enterprise SSO
  • Session management with secure, httpOnly cookies
  • Role-based access control (RBAC) with least privilege principle

Privacy & Data Processing

Data Minimization

We only collect and process data necessary for the crypto due diligence service. No unnecessary tracking, analytics, or data collection. No third-party tracking scripts.

Data Retention

Customer data is retained according to contractual agreements and regulatory requirements. Automatic deletion after retention period expires. Full data export available on request.

No Third-Party Data Sharing

Your data is never sold or shared with third parties for marketing or any other purposes. Blockchain analysis is performed using publicly available blockchain data only.

Subprocessors

Microsoft Azure (Switzerland) is our sole infrastructure provider. All data processing occurs within Azure Switzerland regions.

Security Operations

Vulnerability Management

Continuous vulnerability scanning with automated dependency updates. Critical security patches applied within 24 hours. Regular penetration testing by independent security firms.

Audit Logging

Comprehensive audit logs for all data access, modifications, and administrative actions. Logs retained for regulatory compliance periods and available for customer review.

Incident Response

Documented incident response procedures. Breach notification within 72 hours as required by GDPR and FADP. 24/7 security monitoring via Azure Security Center.

Business Continuity & Disaster Recovery

Automated Backups

Daily automated backups with point-in-time recovery for the past 35 days. Backups stored in geo-redundant storage replicated between Zürich and Geneva.

High Availability

99.95% uptime SLA with automatic failover and load balancing. Zone-redundant deployment across multiple availability zones within Switzerland.

Disaster Recovery

Documented disaster recovery procedures with RTO (Recovery Time Objective) of 4 hours and RPO (Recovery Point Objective) of 1 hour. Annual DR testing and verification.

Additional Resources

Questions about our security?

We're happy to provide additional documentation, certifications, or answer specific security questions for your compliance review.

© 2025 WalletCheck. All rights reserved.