BucketMigrator

Security

Migration means handing someone credentials to everything you store. Here is exactly how we handle that responsibility, end to end.

Encrypted in transit

Every leg of every transfer runs over TLS 1.2+ — source to engine, engine to destination. There is no unencrypted hop, including inside our own infrastructure.

We never store your data

Objects stream through engine memory and are released the moment the destination confirms and verifies the write. No disk spooling, no intermediate buckets, no caches. What we retain is transfer metadata — keys, sizes, checksums, timestamps — for the audit report.

Credential custody

Your keys are only ever handled encrypted (AES-256-GCM) and are decrypted just-in-time, in memory, to run your job — never persisted in plain text, never written to logs. When the job closes, revoke them; we delete what we hold.

Scoped, revocable credentials

We ask for the minimum: read-only on the source buckets, and write plus read on the destination — verification and resume need to read back what was written. Use short-lived or dedicated keys, restrict them to bucket ARNs or prefixes, and revoke them the moment the job closes. We'll give you the exact IAM policy to paste.

EU-based, GDPR-first

We are an EU company operating under the GDPR. Transfer metadata is processed in the EU, and we sign a DPA on request. Tell us your data-residency constraints and we plan engine placement around them — residency isn't an add-on tier.

Integrity as a security property

Checksum verification isn't only about completeness — it guarantees that what landed is byte-identical to what left. Any mismatch fails the object, triggers a retry, and is recorded in the audit trail.

Certifications you can verify, not a badge wall: EasyDataHost SL, the company operating this service, is certified to ISO/IEC 27001 and accredited under Spain's Esquema Nacional de Seguridad (ENS) at High category. Certificates are available for your vendor review — just ask.

Compliance questions?

Send us your security questionnaire together with your migration request.

Contact us →