Book a demo
Demo

Platform

Safety that fits your production needs.

Production data is sensitive—it reveals how a company truly operates. tensoryze is designed so that this data never has to leave your company, every access event remains traceable, and the platform meets the requirements of your IT and compliance departments. Our engineers work with your IT team to configure permissions, audit trails, and identity integration—all in line with your compliance requirements and existing processes.

Sovereignty
Privacy Policy
Access

Data Sovereignty

You decide where your data is stored.

Data sovereignty isn’t something your compliance department has to address later—it’s a decision you make for each location. tensoryze operates under three business models; in each one, your production data remains in your control and under the jurisdiction of your choice.

On-premises

Your servers, your data sovereignty. The platform runs entirely in your data center—data never leaves your company, and patching, monitoring, and backup are all performed in accordance with your IT standards.

  • Deployment entirely as Infrastructure-as-Code—rapid deployment, reproducible at each location
  • Integration with your existing monitoring and backup solutions
  • Full compliance with your security policies

Air-gapped

Maximum isolation for maximum security. The platform operates completely isolated from the Internet—making it suitable for environments with heightened requirements for network isolation and confidentiality.

  • Signed Update Packages with Checksum Verification
  • Offline Container Registry and Model Distribution
  • Documented approval processes for each update

Cloud

Cloud operations with a selected region and legal jurisdiction. AWS, Azure, GCP, or regional providers such as Hetzner—identical functionality to on-premises solutions, with faster deployment.

  • Selectable region—including GDPR-compliant EU regions
  • The same platform as in on-premises operations
  • Data remains within the selected region and under the selected jurisdiction

Privacy Policy

Data protected—at rest, in transit, and in the event of an emergency.

tensoryze protects data throughout its entire lifecycle: stored in encrypted form, transmitted securely, backed up regularly, and recoverable in the event of an emergency—with traceable changes and clear control.

Security, Monitoring, and Recovery Integrated

Encryption

Encryption at rest for databases, object storage, and configurations. TLS for all internal and external connections. Secrets are stored in a dedicated vault and are never persisted in plain text.

  • AES-256 for persistent data and backups
  • TLS 1.3 for all service-to-service communication
  • Key Management via a Dedicated Vault
Backup

Scheduled, versioned backups of your data. Choose your own backup destinations—local NAS, S3-compatible storage, or your own cloud bucket. Retention and rotation can be configured by data type.

  • Incremental backups with configurable frequency
  • Retention Policies by Data Class
  • Encrypted transmission to external backup destinations
Recovery

Documented recovery paths for each service. Point-in-time restore for critical data products. Recovery tests are part of standard maintenance—not just practiced in the event of an emergency.

  • Restoring Individual Services Without Shutting Down the Platform
  • Point-in-Time Restore at the hourly or daily level
  • Regular recovery drills with documented results
Audit Trail

Comprehensive logging of logins, configuration changes, data approvals, and model deployments. Data can be analyzed in the UI or via the API—serving as the basis for internal audits and compliance reviews.

  • Immutable audit logs with timestamps and actor information
  • Filter by user, action, time frame
  • Export to standard formats for SIEM integration
Tensoryze GmbH Logo and Security Software in Use.
Laptop with a black screen and a black bezel.

Control Access

Permissions as granular as necessary—as simple as possible.

Role-based access control and authorization management are not add-ons, but rather an integral part of the platform. Access can be controlled down to individual features, storage areas, and namespaces, if desired.

  • RBAC with inheritance across the plant, line, and machine levels, and a clear separation of read, write, and administrative rights
  • Service accounts and API tokens with clearly defined scopes and expiration dates—for scripts, ERP integrations, and external systems
  • Dual-control principle for sensitive actions such as model approvals or changes to process parameters

Platform

Other aspects of the platform

Platform Overview

Security & Governance

It detects quality deviations, surface defects, or assembly issues in real time and supports employees with consistent inspection results.

Integration & Context

Provides employees with relevant information right at their workstations—contextual, easy to understand, and without any disruption in the user experience.

Accessibility

Links process, machine, and quality data throughout the manufacturing process. This allows causes to be identified more quickly and ensures traceability.

Your data. A common foundation.

Let's work together to determine how your machines, systems, and data sources can be integrated into a robust platform architecture.

Book a demo