Trust Center

All security, privacy, and operational documents in one place: for your procurement team, auditor, or CISO.

nisd2.eu runs on EU infrastructure, is open source, and publishes its security and privacy documentation transparently. This page brings it all together.

Legal agreements

Data Processing Agreement (DPA)

GDPR-compliant data processing agreement for all paying customers.

View

Technical and Organisational Measures (TOMs)

Documented security measures under Art. 32 GDPR.

View

How we collect, process, and protect personal data.

View

Infrastructure & hosting

Hosted in Germany: Hetzner Frankfurt/Nuremberg (ISO 27001 certified)

Subprocessor list

All third parties that process customer data, with location and legal basis.

View

Status page

Real-time platform status and incident history.

View

Security

Open source

The core code is publicly visible: security through transparency, not obscurity.

View

Responsible disclosure

Our process for reporting security vulnerabilities.

View

security.txt

Machine-readable contact details for security researchers (RFC 9116).

View

Transparency

Changelog

Public log of all platform updates.

View

Corrections

When we make mistakes in our content, we correct them publicly.

View

Questions about security or privacy: security@nisd2.eu