Gewape Cloud Infrastructure
Trust Center

Security, Compliance & Sovereignty

Security is engineered into every layer of the platform. We help enterprises in regulated sectors and mission-critical digital businesses satisfy legal and governance obligations while maintaining operational and jurisdictional control. All platform claims are evidence-backed and available for customer due diligence.

Certifications & Compliance

Infrastructure is deployed on certified facilities aligned to international standards for security, continuity, and operational assurance, with documentation available during due diligence.

ISO 27001

Information Security Management

Datacenter Certified

ISO 22301

Business Continuity Management

Datacenter Certified

Tier III

Uptime Institute Design

Datacenter Certified

PCI DSS

Payment Card Industry Standard

In Progress

Security Practices

Defense-in-depth approach with multiple layers of security controls.

Encryption at Rest

All data encrypted using AES-256. Customer-managed keys available for enterprise tiers.

Encryption in Transit

TLS 1.3 for all data in transit. Perfect forward secrecy enabled by default.

Access Controls

Role-based access control (RBAC), multi-factor authentication, and audit logging.

Network Security

Private networks, firewalls, DDoS protection, and intrusion detection systems.

Physical Security

24/7 security personnel, biometric access, CCTV monitoring, and secure perimeters.

Vulnerability Management

Regular penetration testing, vulnerability scanning, and security patching.

Data Sovereignty by Design

Data residency is the baseline, not the outcome. We combine in-country deployment with governance, access, and operational controls that keep decision rights local.

  • Data stored and processed within country borders
  • Privileged operations and access workflows governed in-jurisdiction
  • Customer-controlled key and access policy options for sensitive workloads
  • Portable, open architecture to reduce strategic vendor lock-in risk

Regulatory Baseline Coverage

Kenya

Data Protection Act 2019

Compliant
Nigeria

NDPA 2023

Compliant
Rwanda

Law N° 058/2021

Compliant
South Africa

POPIA

Compliant
Singapore

PDPA 2012

Compliant
Brazil

LGPD

Compliant

Security Documentation

Request access to our security documentation for your procurement process.

Security Whitepaper

Overview of our security architecture and practices

Request Access

Data Processing Agreement

Standard DPA for enterprise customers

Request Access

Subprocessors List

Third-party services we use

Request Access

Penetration Test Summary

Latest third-party security assessment

Request Access

Documentation is provided under NDA for qualified enterprise prospects.

Need Security Documentation for Procurement?

Our team can provide detailed security questionnaires, SOC reports, and custom documentation for your compliance review.