Vanliga frågor

Securapilot is a cloud-based GRC platform (Governance, Risk & Compliance) that helps organizations manage information security, GDPR compliance, risk management, and vendor management in one unified solution. The platform is built for Nordic companies with support for 10+ languages.

Securapilot suits organizations of all sizes that need to structure their security and compliance work. Particularly suitable for companies working towards ISO 27001, GDPR, NIS2, or SOC 2, as well as organizations wanting to replace spreadsheets and manual processes with a professional platform.

Yes, Securapilot is developed in Sweden with focus on Nordic needs and regulations. All data is stored within the EU and the service is adapted for Swedish and European compliance requirements.

<a href="/de/book-demo/" class="text-primary hover:text-primary-dark dark:text-brand-light dark:hover:text-brand-secondary underline">Book a meeting</a> or email info@securapilot.com. We will schedule an initial meeting to discuss your needs and how Securapilot can help your organization. You can also apply for our pilot program for a chance to receive a 30% discount.

Securapilot uses a database-per-tenant architecture that guarantees complete data isolation between organizations. We offer two-factor authentication (2FA), role-based access control (RBAC), and comprehensive audit logging for all activity. All data is encrypted both in transit and at rest.

All data is stored on servers within the EU, with primary hosting in Sweden. We use redundant storage to ensure high availability and automatic backups for data protection.

When closing an account, you can export all your data in standard formats. After a 30-day grace period, all data is permanently deleted from our systems, including backups.

Securapilot is built according to ISO 27001 principles and we continuously work with security audits and penetration testing. Our infrastructure is hosted at certified data centers.

Yes, the Enterprise plan includes SSO support via SAML 2.0 and OAuth, enabling integration with your existing identity management like Azure AD, Okta, or Google Workspace.

Securapilot is hosted at Oderland's data center in Gothenburg, Sweden. The data centers have redundant infrastructure with their own dark fiber between facilities, battery backup, and diesel generators for uninterrupted power supply. All equipment is owned and operated by Oderland themselves, providing full control over security and performance. Your data is always stored within the EU.

Our infrastructure is protected by multiple layers of security measures: automatic daily backups stored for up to three months with immutable storage (cannot be overwritten or deleted even during attacks), advanced DDoS protection with over 1000 Gbit/s capacity, WAF protection (Web Application Firewall) via Imunify360, and 24/7 monitoring with on-call technicians. Security updates are applied without downtime and all web servers have automatic protection against known vulnerabilities and malware.

Securapilot contains 10 modules: Risk Management, GDPR Compliance, Vendor Management, GAP Analysis, Whistleblower, Web Scan, Audit Management, Policy Management, Information Classification, and File Management. Which modules you have access to depends on your subscription plan.

The risk management module is based on ISO 27005 and includes a visual 5x5 risk matrix, automatic workflows for risk treatment, connection to controls and actions, and dashboards to track risk levels over time.

The GDPR module includes Records of Processing Activities, handling of data subject rights (DSAR), incident reporting with 72-hour notification, impact assessments (DPIA), and AI-assisted review of processing activities.

The Whistleblower module complies with the EU Whistleblower Directive and Swedish legislation. It offers an anonymous reporting channel, case management with traceability, and the ability to communicate securely with the reporter without revealing their identity.

The Web Scan module automatically scans your websites and domains to identify security issues such as SSL configuration, exposed services, vulnerabilities, and compliance deviations. Results are presented with prioritized remediation suggestions.

Securapilot supports ISO 27001, GDPR, NIS2, SOC 2, and more. Our GAP analysis module helps you identify and address gaps against any framework with guided remediation.

Our AI helps you automatically categorize risks, suggest treatment actions based on best practices, review GDPR processing for compliance gaps, and generate reports. AI features learn from your work to provide better suggestions over time.

AI features are included in all plans. The difference between Small, Medium, Large, and Enterprise is organization size, number of users, storage space, and support level – not functionality.

AI suggestions are always recommendations that you review and approve. The system shows confidence level for each suggestion and you always have full control over the final result. AI doesn't replace human judgment but makes work more efficient.

No, your organization's data is never used to train AI models. All AI processing happens in isolation for your tenant and we never share data between customers.

There is no free plan, but we currently have a pilot program where you can apply for the chance to receive a 30% discount. Read more about the pilot program on our website.

We offer four plans based on organization size: Small (1–20 employees), Medium (21–250 employees), Large (251–1,000 employees), and Enterprise (> 1,000 or public sector). All features are included in all plans – you pay by size, not per module.

We offer annual billing, 3-year agreements give 20% discount.

Yes, you can upgrade your plan at any time and get immediate access to the new features. When downgrading, the change takes effect at the next billing period.

Yes, we offer special pricing for non-profit organizations, educational institutions, and startups. Contact us for more information.

All plans include unlimited users. You pay for functionality, not per user. This makes it easy to involve the entire organization in security work.

Securapilot has a flexible role-based permission system (RBAC). You can create custom roles with specific permissions for different modules and functions. Predefined roles include Admin, Risk Owner, GDPR Officer, and Reviewer.

Yes, you can create departments and teams to organize users and limit data visibility. This is useful for large organizations with multiple business areas.

Yes, all activity is logged with timestamp, user, and IP address. The audit log is searchable and can be exported for compliance purposes. Logs are kept for at least 2 years.

Yes, we offer a REST API for integration with other systems. The API provides access to all core functions and supports webhook notifications for event-driven integrations. API documentation is available for Professional and Enterprise customers.

We offer ready-made integrations with popular tools like Microsoft 365, Google Workspace, Jira, Slack, and several SIEM systems. The Enterprise plan also includes the option for custom integrations.

Yes, Securapilot supports import via CSV and Excel for risks, processing activities, vendors, and other data sets. We also offer migration assistance for customers switching from other GRC tools.

All your data can be exported in standard formats (CSV, Excel, PDF). You can also schedule automatic report exports and integrations for continuous data synchronization.

All plans include email support in Swedish and English. The Professional plan includes priority support with faster response times. The Enterprise plan includes a dedicated account manager and phone support.

Yes, we offer documentation, video guides, and webinars for all users. Enterprise customers also get onboarding sessions and the option for customized training.

For Trial and Basic plans, response time is normally within 24 hours (weekdays). Professional customers have guaranteed response time within 8 hours. Enterprise customers have 4-hour response time and access to emergency support.

Yes, we offer consulting services for implementation, customization, and advisory on information security and compliance. Contact us for a quote.