Trust Center

Security, Privacy & Compliance

SimpleAct runs its platform on certified infrastructure in Germany. All relevant documents for security and procurement reviews are available here.

GDPR Compliant

Data processing under EU law, server location Germany

Made in Germany

Developed and hosted in Germany, Hetzner Nuremberg

ISO-27001 Infra

Hetzner data centre with ISO 27001 certification

For Security & Procurement Reviews

Everything your security team or procurement needs for approval — centrally, complete, up to date.

SLA, DPA & AVV (PDF)

Data processing agreement under Art. 28 GDPR

Security Whitepaper

Technical and organisational measures (TOM)

Subprocessor List

Transparent listing of all sub-processors

Architecture Overview

Hosting, data flows, and isolation at a glance

Architecture Overview

Technical Details

Hosting & Infrastructure

Hosted at Hetzner (Nuremberg, Germany)
Data location: EU — no third-country transfer
Automated daily database backups (point-in-time recovery)
Encryption at rest + in transit (TLS 1.2+)

Access & Authentication

RBAC — role-based access control
Multi-tenancy isolation between organisations
Two-factor authentication (TOTP)
Session invalidation on logout

Logging & Auditability

Append-only audit log of all actions
Document and entry versioning
Timestamped snapshots for regulatory evidence

Data Processing

GDPR-oriented processing
DPA/AVV available on request
Subprocessors listed transparently

Security Testing

Regular penetration tests (last: April 2026)
External security assessment (last: April 2026)

Security Whitepaper & TOM

Detailed description of all technical and organisational measures available for download.

View Whitepaper

← Back to homepage

Yannick Heisler

Vertrieb · Persönliche Beratung

Vertrieb

Persönliche Beratung gewünscht?

Unverbindlich · Antwort innerhalb 24h

Sicherheit & Datenschutz | SimpleAct