Relica is designed to ensure the security and privacy of your data at all times and ensures full compliance with industry standards and regulations.
Relica screenshot


With Relica, your data never leaves your computer without encryption, ensuring nobody else can read it. All of your data remains encrypted until you decide to decrypt it when restoring to a device of your choice. Nobody but you has access to your encryption key .


Relica uses the open-source tool restic to make backups of your data. All your data is encrypted with AES-256 in counter mode and authenticated using Poly1305-AES. You can learn more about the encryption standards here.

Relica Cloud

When using the Relica Cloud, each encrypted copy of your data is transmitted securely to an independent, top-tier data center. Unlike many backup solutions, with Relica each copy remains fully encrypted in rest.


Keeping in mind that your data is fully encrypted before transmission to a data center for storage, Relica Cloud only uses providers which comply, at minimum, with SOC 2, ISO 27001, PCI-DSS, HIPAA, FERPA, GDPR and MPA standards.

Failure-point mitigation: Restoring Data

Since no system is perfect, Relica is designed to minimize risk in case of failure. Therefore, even if you can't access your Relica account, you can still restore your backups using the open-source tool restic.

Failure-point mitigation: Account

Even if your Relica account is compromised, nobody can access or erase your backups without your encryption key, providing an additional layer of security. Relica does not keep a copy of your encryption key, so make sure you don't lose it!

Failure-point mitigation: Redundancy

When making backups with Relica, there are no limits on how many copies you can make or the number of storage destinations! If using the Relica Cloud, you can make up to five copies stored independently in fully compliant data centers around the world, ensuring maximum security and availability.

Failure-point mitigation: Dependencies

Relica is designed to be completely self-contained, and its binaries do not require any external system libraries (no JRE, no Python, no libc, etc). This minimizes the risk of security flaws being introduced to our software.