Self-Hosted Architecture

Your data stays on servers you own and control. We never have access to your operational data, form submissions, or user information.

Data Sovereignty

Keep your data in your jurisdiction. Meet Canadian PIPEDA, provincial privacy laws, and US state requirements by controlling where your data resides.

Complete Audit Trail

Every action is logged with timestamps and user attribution. Demonstrate compliance with immutable records that can't be altered.

Security Features

Built-in protection at every layer

Authentication & Access Control

  • Secure password hashing — bcrypt with industry-standard salt rounds
  • Role-based access control — granular permissions so users only access what they need
  • Session management — secure tokens with configurable expiry and automatic logout
  • SSO integration — connect your existing identity provider
  • Multi-factor authentication — optional MFA for additional security

Data Protection

  • Encryption in transit — all data transmitted over TLS 1.2+
  • Encryption at rest — database encryption supported for sensitive fields
  • Secure file storage — uploads stored with access controls and optional encryption
  • Data isolation — complete separation between departments and user groups
  • Backup & recovery — built-in tools with point-in-time recovery

Audit & Compliance

  • Complete audit logging — every submission, approval, edit, and user action
  • Tamper-proof records — immutable audit trails with cryptographic verification
  • Chain of custody — full history of who accessed, modified, or approved each record
  • Regulatory exports — audit-ready packages in one click
  • Retention controls — configure record retention to match your policy
Why It Matters

The safest place for your data is your own server

Cloud platforms make headlines when they get breached — and their customers' data goes with them. With Varda Forms, there is no shared multi-tenant database to breach. Your installation is yours alone, behind your firewall, under your policies.

  • No third-party access to your operational records
  • You control backups, retention, and residency
  • Works inside air-gapped or restricted networks
  • Vendor changes can never strand your data
yourdomain.local/admin/audit-log
Audit Log · LiveImmutable
09:41 · j.doe approved FLRA #4412✓ logged
09:38 · d.miller submitted Inspection #318✓ logged
09:15 · admin exported Q2 audit package✓ logged
08:52 · s.reid edited WO-118 (v2 archived)✓ logged
Next Step

Questions about security or hosting?

Bring your IT team to the demo — we'll walk through architecture, requirements, and deployment options together.