Security Practices

Effective: January 9th, 2017

Security is one of the main priorities at Cylix. Transparency and openness are among our core values and we intend to be as detailed as possible about the way we handle security.

If additional questions regarding security arise, we are more than happy to answer them. Please write to and we will respond as quickly as we can.


We store no data on our servers and no employee has access to any customer data.

Personnel Practices

Cylix conducts background and credit checks on employees before employment, and they receive security training during onboarding as well as on an ongoing basis. Information security policy which covers availability, confidentiality and security is read and signed by all employees.

Security Features

Access Logging

The only information we log is user IP address of connection and the application version used in order to verify for new updates. We do not log information regarding application access, device type or log any other usage that might expose data.

Data Retention

We do not have access and do not store any data the user might create and store in Cylix application.

Return of Customer Data

The Cylix application includes the following local export capabilities:

  • Standard Exports: Save File As is the option to have a specific item saved on disk.
  • Plus Exports: In addition to ‘Standard Exports’, users can also export the entire project in an XML format on disk for backup, archival and migration purposes. Exported data is not encrypted. These exports can be initiated at any time irrespective of licence type.

More information about the export capabilities of the Cylix services can be found at our Help Center.


We understand that you rely on the Cylix application to work. We are committed to making Cylix a highly-reliable application that you can count on.

Disaster Recovery

Data is stored locally and it is the responsibility of data owner or user to make backups at multiple locations to ensure availability. We have well-tested backup and restoration procedures, which allow recovery from a major loses in case of a failure with this system.


Cylix does not log any information on application usage and/or data added to a project. Data is encrypted locally and password protected when project is created.

Incident Management & Response

In the event of a security breach of its website, Cylix will promptly notify you of any unauthorized access to your client data. Cylix has incident management policies and procedures in place to handle such an event.

Product Security Practices

New features, functionality, and design changes go through a security review process facilitated by the security team. In addition, our code is audited with automated static analysis software, tested, and manually peer-reviewed prior to being deployed to production. Any security concerns are immediately raised with development team in order to be resolved.