Security you can build on

A well-built property starts with a solid foundation. At Findable, security is at the core of everything we do, ensuring your data stays safe while you develop and manage safer properties.

Safeguarding building data for 150+ real estate companies like yours

Tromsø lkommune logo
Stavanger kommune logo
Statsbygg logo
Betonmast logo
Construction City logo
newsec logo
Moss kommune logo
velux logo
native land logo
mapletree logo
obos logo
moda living logo

Findable's commitment to security

Keeping your data safe and secure isn’t just a priority at Findable—it’s our commitment. Here’s how we put that promise into action.

Visual Identity Download

Your data is always yours

Your building data belongs to you, always. We keep it secure and fully accessible to ensure you have control at all times, even if you decide to say goodbye to Findable.

Placeholder icons

Property data, properly secured

Whether it's commercial, residential, or public sector buildings, we safeguard sensitive blueprints, building data, and operational insights with enterprise-grade security.

Placeholder icons-3

No unauthorised access

We enforce the Principle of Least Privilege (PoLP) so that only the right people can access your building data—keeping it safe from cyber threats.

Data protection & backup Frame 629393

Your data: always yours, always protected

We implement a multi-layered backup strategy to prevent data loss and ensure rapid recovery in case of unforeseen events.

  • Customer and production data is securely backed up daily to ensure we can restore your data, even in the event of a catastrophic failure
  • We enable versioning on all production S3 buckets storing customer data and production models.
  • We retain up to five versions of each object, ensuring that even if data is accidentally deleted or tampered with, earlier versions can be recovered.
  • If more versions are needed, our offsite backups provide an additional layer of protection.
  • To optimise storage and security, we enforce lifecycle policies on all versioned S3 buckets.
  • Ensures data retention and access to key historical versions while protecting against deletions, overwrites, and ransomware
Principle of Least Privilege (PoLP) red flag-2

Strict access controls for maximum security

We enforce the Principle of Least Privilege (PoLP) across our infrastructure to minimise security risks and keep your information private. This means users only have access to the properties and data they manage—nothing more.

  • Granular role-based access control ensures users can only view, edit, or interact with the information necessary for their role, ensuring strict data security and privacy
  • Single Sign-On (SSO) provides a more secure and convenient login experience.
Infrastructure resilience search

Reliable, fast recovery when you need it

Our use of Infrastructure as Code (IaC) ensures that we can rapidly restore systems if something goes wrong. Downtime is minimal so your business can keep running smoothly.

All core infrastructure components are defined using Infrastructure as Code (IaC), allowing for fast reestablishment with minimal downtime.

IaC ensures that our security configurations are repeatable, auditable, and consistent across environments.

For our customers, this means greater reliability, security, and peace of mind when using our platform. 

Continuous security monitoring Visual Identity Frame (1)

Always one step ahead of security threats

We use AWS Security Hub to detect and respond to threats in real time, keeping your data secure.

  • Critical threats are dealt with immediately: If a critical issue arises, we take action right away to keep your data safe
  • High-risk issues are carefully reviewed: We assess, document, and either resolve or formally acknowledge risks to ensure transparency and protection

A secure foundation built for the future

Findable runs on AWS for a solid foundation and uses DataCrunch to power faster and more efficient AI performance.

Why, you ask? So you get a secure and faster platform built to support the future of real estate.

Get Compliant
Get Compliant
Get Compliant
Sleep Well At Night
Hello Control
Sleep Well At Night
Hello Control
Sleep Well At Night
Hello Control

Security FAQs

General security

We review and update our security policies once a year to keep them aligned with the latest best practices.

We’re currently working towards ISO 27001 certification, expected by April 2025. After that, we’ll pursue SOC 2. As a European company, we comply with GDPR and do not transfer any data outside of Europe.

If you notice anything suspicious, let us know immediately—ideally through your customer success representative.

We’re in the process of getting ISO 27001 certification, expected April 2025. Keep your eyes peeled for updates to come! 


Questions about AI

We use AI to categorise and analyse documents. Your actual data is used for training, but you can opt out if you prefer. AI models we train will not expose your data to other users. When AI processes your data, only you get the results.

Yes, your data helps improve AI models for your benefit, but you can opt out anytime.

We do both—training our own AI models while also using off-the-shelf models. Any external models we use are hosted in Europe.

We apply the same security measures as the rest of our platform—data is encrypted at rest and in transit, and only authorised data scientists can access training data when necessary.


Data protection & backup

Your data is continuously synced to a separate AWS account for real-time recovery. We also take daily immutable snapshots (tamper-proof backups of your data that can’t be changed or deleted), which are kept for one year

All backups are securely stored in AWS Sweden and retained for one year.

Our backup account is completely isolated—no services run in it, and only our CEO and CTO can access it using physical authentication keys when needed.

Yes, you can download your data anytime—no need to ask us. Your data is always yours.


Access & permissions

You control access to your data within your organisation. Findable employees only get temporary access when absolutely necessary.

Yes, you have full control over who can access your data. 


Security incidents

No, we don’t currently provide security event monitoring tools for customers.

We follow our Incident Response Plan and will notify you via your customer success representative if your data is affected. 

To learn more about Findable’s Incident Response Plan, please contact your customer success representative. 

Secure buildings start with secure records. Findable keeps both safe.