Through annual trainings, we continuously educate our team on information security content, raising awareness of its importance. All of our developers regularly attend security trainings to stay up-to-date on typical risks in development and the protection of customer data.
In addition, all employees and external service providers are committed to adhering to agreed security policies that govern, among other things, confidentiality, data protection, and the reporting of security incidents.
Naturally, there are clauses on confidentiality in the agreements with our customers. In addition, the entire team as well as our external service providers are required to sign confidentiality agreements that protect customer data. As part of our vendor review process, we have confidentiality agreements with all service providers who process personal data or confidential information of our customers.
We have developed a security system to minimize disruptions and other unforeseen events:
- Use of state-of-the-art service providers to support our platform. Made in Germany.
- We perform daily backups of all relevant systems, stored for up to one month at geo-redundant locations. These are available for incident recovery.
- Dual mode. All production systems run in dual mode to ensure fast-response failover.
Access to our production systems is limited to the smallest possible group of people responsible for maintenance and operations. We follow the least privilege principle here.
Our servers are located in the heart of North Rhine-Westphalia, in Cologne. As a leading German multi-cloud data service provider, our service provider PlusServer is a guarantee for the highest stability in performance.