How does Calira handle data security and compliance?
Calira is used by biotech and pharma organisations that operate in regulated environments. Security and data protection are built into the platform.
Data protection
- GDPR: Calira processes personal data in accordance with GDPR requirements. A full privacy notice and sub-processor list are published on our website.
- Data hosting: customer data is hosted on secure cloud infrastructure with encryption at rest and in transit.
- Data ownership: your data belongs to you. Export it at any time via CSV or API.
Access control
- Role-based permissions. Five user roles (Admin, Instructor, Researcher, Student, Guest) control what each person can see and do. The Student role is available in academic accounts.
- Access groups. Control which users can book which instruments.
- Training enforcement. Restrict access to trained users only: untrained users cannot book controlled equipment.
- SAML SSO. Enterprise customers can use their existing identity provider (Okta, Azure AD, Google Workspace) for authentication.
- Multi-factor authentication. Users can enable MFA with an authenticator app and backup codes for an additional layer of login security.
Audit and compliance
- Usage logs. Every booking, modification, and cancellation is recorded with timestamps and user attribution.
- Service history. Maintenance activities are logged against each instrument for audit purposes.
- LabTrack. Optional PC-based agent that records actual usage sessions for compliance-grade utilisation data.
If you have specific security or compliance questions, get in touch.