First class render farm security
Your files are encrypted at every stage from upload to render to automatic deletion. All data stays in the EU under GDPR jurisdiction, hosted in one of the most certified datacenters in the Netherlands.
Our datacenter
Your files live in Previder's datacenter in the Netherlands, one of the most certified data facilities in the country.
ISO 27001 · Information Security
ISO 27017 · Cloud Security
ISO 27018 · Cloud Privacy
NEN 7510 · Data Security
SOC 2 Assurance Reports
BREEAM Excellent · Sustainability
Dutch Data Center Association
BIO · Government Baseline
Multi-factor physical access
Entry requires a digital key, fingerprint biometric and PIN. Only a small number of authorized staff can enter machine-rack zones, and all access is logged and audited monthly.
24/7 CCTV and motion detection
Surveillance systems monitor every critical area around the clock. Footage is stored securely with restricted access and handled in accordance with GDPR.
HVAC and fire suppression
Climate control and fire suppression systems protect hardware on-site. Both are tested and maintained by certified technicians on a regular schedule.
RAID 10 and daily cloud backup
Data is stored on a central NAS in RAID 10 configuration with daily backups synced to Amazon Cloud. Disaster recovery is tested monthly with a 30-minute RTO target.
Secure at every step
Every step between your machine and the render farm is encrypted and verified.
Encrypted upload over HTTPS / TLS
File uploads use HTTPS, and local server transfers use TLS with RSA 2048 keys.
File validation and intrusion scanning
Every incoming file is inspected by our proprietary Intrusion Detection System. Files not matching an approved 3D project extension are automatically removed, and malicious scripts or executables are eliminated before they ever touch our render nodes.
Stored with AES-256 encryption and integrity checks
Files at rest are stored using industry-standard encryption methods and key stretching. All files are integrity-verified, so any tampering is caught and rejected immediately.
Authenticated job access
Job submissions require a studio-specific token to prevent forgery and timing attacks.
Zero-secret remote credentials
No storage secrets are stored with clients. All stored credentials expire in 6 hours.
Automatic deletion after 7 days
All project files and rendered outputs are kept for up to 7 days so you can re-download your work. After that, automated backend processes irrecoverably delete everything. No manual step required.
GDPR compliant, EU-hosted
We process and store your data exclusively in the Netherlands, fully within EU jurisdiction and subject to GDPR.
Your data is never sold or shared with third parties for advertising. We collect only what's needed to run your renders, and you can request access, correction or deletion of your data at any time. Our security policy is reviewed annually and updated after any significant change, overseen by our CEO and Head of Security.
Quarterly security audits
Internal and external auditors review our network, data security, physical controls and GDPR compliance every three months.
Monthly penetration testing
Web applications and network infrastructure are pen-tested monthly. Vulnerabilities go straight to our security team with prioritised remediation plans.
30-minute disaster recovery target
Our disaster recovery plan is tested monthly. Software issues target restoration within 30 minutes, and hardware spares are pre-staged for rapid swap.
Annual policy review
The full security policy is formally reviewed each year by our CEO and Head of Security. Updates are documented and communicated company-wide.
Related FAQs
Have further questions about our security policies? Check out FAQs here, and don't hesitate to contact support for more.
Can Drop & Render employees see my project files?
Do you offer an NDA for sensitive projects?
How is access to the datacenter controlled?
Is my upload encrypted?
What happens to my files after rendering is done?
Supported software
Company details