Security
Enterprise-grade security. No compromise.
Your back-office data deserves the highest level of protection. ISO 27001-ready, GDPR compliant, data in the EU, standard, not optional.
Foundation
Security in every layer
Data encryption
All data is encrypted in transit (TLS 1.3) and at rest (AES-256). Documents, extractions and ERP credentials are never stored unencrypted.
EU data residency
All your data is processed and stored within the European Union. No data transfers outside the EU. No exceptions.
Access control
Role-based access control, SSO integration and audit logs on every action. You decide who can see and do what in the platform.
Pen-testing & monitoring
Regular penetration tests by external parties. 24/7 monitoring, anomaly detection and incident response procedures.
Certifications
Audited and certified
ISO 27001 certification in progress
Our Information Security Management System (ISMS) is built to the international ISO 27001 standard. The certification audit by an independent body is scheduled within the next 30 days.
GDPR compliant
Fully compliant with the General Data Protection Regulation. Data processing agreements, DPIAs and privacy-by-design are standard in every implementation.
AI Act compliant
Our AI coworkers comply with the EU AI Act. Risk classification, transparency, human oversight and technical documentation are built into every implementation.
In practice
How we protect your data
Data minimisation
We only process the data needed for the process. Documents are cleaned up after processing according to your retention policy.
Customer isolation
Every customer environment is fully isolated. No shared databases, no cross-tenant access, no shared models.
Audit trail
Every action the AI coworker takes is traceable: who, what, when, why. Fully visible via the dashboard.
Incident response
Documented incident response procedures with defined escalation paths and communication protocols.
Human in the loop
When uncertain, the AI coworker escalates to your team. No autonomous decisions on sensitive data without human approval.
Vendor management
All sub-processors are reviewed on security and compliance. Transparent list of sub-processors available on request.
Questions about security or compliance?
Our security team answers any question. We're happy to share our documentation, certificates and data processing agreements.
Get in touch