Data security
Table of contents
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam libero vitae erat. Aenean faucibus nibh et justo cursus id rutrum lorem imperdiet. Nunc ut sem vitae risus tristique posere.
Content is available in multiple languages. Only the German version is legally binding.
Protecting your data is more than a technical requirement for us – it is our top priority and a central part of our corporate philosophy. Our Workplace Management Software combines proven standards, clear processes and modern security measures to keep data secure and available at all times.
Security management according to ISO27001
Flexopus has been certified by TÜV Rheinland according to ISO27001:2022. The ISO27001:2022 certification ensures a standardized and well-maintained information security management system (ISMS) at both Flexopus and the data center of our hosting partner Hetzner Online GmbH. This ensures that technical and organizational security measures are systematically implemented and regularly reviewed.
Technical & organizational measures
Encrypted data transmission
The data is encrypted during transmission using the TLS method, which is also used for online shopping or online banking. The integrity of the encryption can be verified here (https://www.ssllabs.com/ssltest/analyze.html?d=demo.flexopus.com).
Backups with data-at-rest encryption
Flexopus is a cloud solution hosted on a dedicated server. Our customers' databases are backed up daily. Backups are stored for 30 days with data-at-rest encryption on a location-independent server in Germany. The data will then be deleted.
Access control & Logging
Flexopus enables role-based access, protects accounts with multi-factor authentication and centrally logs all activities – ensuring that every action remains traceable and secure.
Safe working practices
Through regular training, clear security guidelines and defined incident management processes, we ensure that security standards are met and incidents are handled quickly and in a structured manner.
Infrastructure & Operation
- Our platform runs in a highly secure, ISO 27001-certified data center.
- Automated backups and patch and update management ensure stable and up-to-date systems.
- Critical components are constantly monitored to detect failures early.
- You can view the current operational status of our platform at any time at status.flexopus.com .
Product & Application safety
Our development team ensures that the application is developed release by release by adhering to internal security guidelines. Security measures are continuously being developed to be able to cope with current threats at all times. We consistently rely on Secure-by-Design principles, so that security is an integral part of the software architecture from the very beginning.
- Internal manual audits:
Dual control principle during development, code reviews, functional testing, security audits by our experts - Internal automated audits:
Code analyses, system logs, application logs, logging, code quality checks - External Audits / Penetration Tests:
Thanks to our customers, the software is audited by an independent third party at irregular intervals, but at least twice a year. Penetration tests are carried out by our customers as part of the usual assessment and approval processes.
Cyber Resilience & DORA
Our platform is designed to be resilient against disruptions and cyberattacks. Disaster recovery tests, third-party risk management and business continuity measures ensure stable and secure services – fully compliant with regulatory requirements such as DORA.
Data protection
Personal data is processed in compliance with the GDPR. Details about our data protection policy can be found on our data protection page.
Contact for security questions
For information or inquiries regarding security, you can reach our team at: