Data protection is a priority at essentry. We value the trust of our customers and ensure that their data is protected.
Data Protection
essentry guarantees data protection, by design and by default, and complies with the strict regulations of Article 9 of the GDPR. In this interview, COO and co-founder Nikolai Vitzthum explains how essentry ensures data privacy and protection.
GDPR compliant.
essentry meets the strict requirements of the EU's General Data Protection Regulation and is regularly audited by an independent external data protection officer.
Full data control.
essentry gives you full control over your data. You can centrally access the data you need to fulfill audit requirements. At the same time, predefined deletion mechanisms ensure compliance with legal requirements.
Encryption.
essentry uses strong encryption algorithms to protect data both "in transit" and "at rest“. All databases are encrypted with AES-256. HTTPS is used for browser connections, and developers use SSH, SSL / TLS to connect to essentry systems.
Certified infrastructure.
essentry uses industry-leading cloud infrastructure that meets the highest security and availability standards. Our third-party certifications include ISO 27001, ISO 27017, ISO 27018, and SOC2.
essentry is built on best-in-class cloud services. These services are configured by cloud experts, which ensures an extremely high level of security and minimizes the risk of configuration errors.
Enterprise-grade infrastructure.
essentry is ISO 27001-certified on the basis of BSI IT-Grundschutz (BSI-IGZ-0459-2021). essentry servers are hosted in SOC 2 Type II and ISO 27001-certified facilities in the Frankfurt (Germany) region. Our data center facilities are secured with a perimeter of multi-level security zones, 24/7 manned security forces, and CCTV video surveillance. They are secured by multi-factor identification with biometric access control, physical locks, and alarm systems in case of security breaches.
High availability.
essentry offers a highly available service. Should an incident occur, we have comprehensive incident response and customer notification procedures in place. We have a 24/7 service center and offer an onsite service for hardware-related issues with a 24x7x4 hour availability.
Data encryption.
Communication between the user and the essentry servers is encrypted according to industry best practices: HTTPS and Transport Layer Security (TLS) over public networks. Qualys’ SSL labs have rated our servers Level A+. In addition, when using our Windows kiosk, the total network traffic is routed via our IPSec VPN. The hard drives of all servers are encrypted according to AES-256.
Third-party penetration testing.
In addition to our extensive internal scanning and testing program, penetration tests are performed by selected service providers. essentry contracts third-party security experts to conduct a thorough annual penetration test for the entire essentry service offering.
Compliance standards
At essentry, data privacy is a top priority. We value our customers’ trust and will ensure their visitor data is protected. We demonstrate our commitment to privacy preservation in both our processes and technical application design. We pursue a systematic privacy-by-design strategy.
.avif)
essentry is certified according to ISO 27001 on the basis of BSI IT-Grundschutz (BSI-IGZ-0459-2021).
essentry has been awarded the TeleTrust trust mark “IT Security made in Germany” by the German IT Security Association.
.avif)
The essentry software is regularly tested by penetration tests from SYSS GmbH.