Built in Luxembourg

Your data, secured in the heart of Europe

Sovereign by design: based in Luxembourg, hosted in the EU, never touching US jurisdiction. We're transparent about our security journey and happy to share details.

Contact Security Team View Certifications

Luxembourg base, European strength

Luxembourg Leadership

Based in Luxembourg, we benefit from some of Europe's strongest data protection laws, providing additional layers of security beyond standard GDPR requirements.

EU Infrastructure

All data processing occurs within the European Union using high-availability data centers in the Netherlands and Germany. Your information never leaves EU jurisdiction.

How we protect your data

Data Protection

Encryption

All data protected in transit and at rest using industry-standard encryption

Network Security

Enforced security policies and firewall protection

Access Controls

Strict access management and monitoring

Infrastructure Resilience

High Availability

Multi-location data centers ensure continuous service

Monitoring

24/7 system monitoring with automated alerting

Backup & Recovery

Multiple backup locations with comprehensive disaster recovery plans

Building compliance you can trust

Current Status

GDPR Compliant

Full alignment with EU data protection requirements

Peppol Network Member

Official participant in the EU e-invoicing infrastructure

Legal Compliance

Log retention and data handling aligned with regulatory requirements

In Progress

ISO 27001

Currently conducting gap analysis as part of our certification journey

We believe in transparency about our security journey. We'll update this page as we achieve new milestones.

Clear policies, no surprises

What We Collect

Only the business data necessary to process your invoices and maintain your account. No unnecessary personal information.

  • Business invoice data
  • Account credentials
  • Service usage logs

How We Protect It

Your data is encrypted, monitored, and backed up across multiple EU locations. Access is strictly controlled and logged.

  • End-to-end encryption
  • Multi-location backups
  • Access monitoring

Your Rights

Full GDPR rights apply: access, correction, deletion, and portability. Contact us anytime to exercise these rights.

  • Data access rights
  • Correction & deletion
  • Data portability

Built to keep your business running

Uptime Commitment

99.5% availability backed by redundant infrastructure and proactive monitoring.

Incident Response

Professional incident response procedures ensure rapid resolution of any issues affecting service.

Regular Testing

Disaster recovery and backup systems are regularly tested to ensure reliability when you need them.

Security questions? We're here to help

Whether you need detailed technical documentation, security questionnaires completed, or want to discuss specific compliance requirements, our team is ready to provide the information you need.

Security Contact

For detailed security documentation, compliance questionnaires, or technical questions, contact our security team directly.

  • Technical security documentation
  • Security questionnaire completion
  • Compliance requirement discussions
Contact Security Team

General Support

For general questions about our security practices or platform features.

  • General security questions
  • Platform feature inquiries
  • Implementation guidance
Contact Support