Architecture & security
Who uses it, what it connects to, what it produces, where every part of it runs — and the controls guarding each layer.
Solution architecture
How PrivacyOne fits into your organisation
Who uses it, what it connects to, what it produces — and where every part of it runs.
People
PrivacyOne platform
External
Trust boundary — controlled deployment
API services
Domain engines
State
Internet
Kingdom of Saudi Arabia — controlled VM / private cloud
Only port 443 is exposed. Everything else is bound to loopback behind the proxy.
Security by design
Defense in depth, layer by layer
Personal data sits at the centre. Every ring is an independent control that has to be passed.
-
NetworkHTTPS/TLS only · firewall, 443 exposed · reverse proxy · security headers
-
Platformsystemd isolation · managed secrets (0600) · patched OS · hosting inside the Kingdom
-
ApplicationTOTP MFA · JWT sessions · RBAC least-privilege · signed challenges
-
DataFernet field encryption · hashed passwords & backup codes · immutable audit log
The password step never issues a session
Email and password return a short-lived signed challenge that expires in five minutes and cannot call any API.
Six-digit codes are verified in UTC, so they match the authenticator app on any server timezone.
Eight single-use recovery codes, stored hashed. Every verification is written to the audit log before the session is issued.
See your PDPL posture in a working system
Forty-five minutes, your own sample source, and a bilingual evidence pack you keep at the end of it.