SaaS-Secure.com

Trust & Compliance

Protecting your data with GDPR-by-design

German data centers, isolated hosting, and transparent processes keep your applications compliant and your data under your control.

Read our Privacy Policy Open Customer Center

What this page covers

  • How we isolate and protect every SaaS tenant
  • Our GDPR guarantees and data use commitments
  • Data export options and Data Processing Agreements (Art. 28 GDPR)

GDPR-first operations in Germany

We follow the EU General Data Protection Regulation (GDPR) and apply the strict German privacy standards to every hosting.

Your SaaS instances run inside dedicated containers. Cross-tenant data access is blocked by design and reinforced by a system-wide firewall.

Need the legal details? Review our Privacy Policy for the full data protection statement.

Operational safeguards

  • Encrypted backups to isolated systems
  • Per-tenant containers with no cross-access
  • Firewall segmentation for every hosting node
  • German data center residency for all customer data
Talk to a security engineer

Legal bases for processing

We process personal data only on clear legal bases under GDPR. Depending on the purpose, we rely in particular on contract performance (Art. 6(1)(b) GDPR), legitimate interests (Art. 6(1)(f) GDPR), or consent (Art. 6(1)(a) GDPR).

Where we act as a processor, we process data only on documented instructions from the controller under Art. 28 GDPR.

Data subject rights

You have rights of access, rectification, erasure, restriction of processing, data portability, and objection to certain processing activities.

Please submit requests via our privacy contact form or the contact details listed in our Privacy Policy.

Our guarantee

All customer data stays securely stored in Germany. Technical partners are contractually bound to the same German data protection laws.

We never sell or share personal data. Data is processed only to operate your SaaS-secure.com services unless law requires otherwise.

Data export

Download exports from the Customer Center at any time. When you end hosting, we provide a final export of your data at no cost.

Exports include everything needed to restore your environment, except components that only run on our infrastructure.

Access Customer Center

Data Processing Agreement

Processing personal data under GDPR? Sign the commissioned data processing agreement (Art. 28 GDPR) directly in your account.

Use the online Data Processing Agreement tool in the Customer Center — no paperwork or email back-and-forth.

Sign DPA online

Retention and deletion

We store data only as long as needed for each processing purpose and to satisfy statutory retention obligations.

After contract termination, deletion and return periods are governed by the contract and Privacy Policy. Before deletion, we support you with data exports.

Third-country transfers and subprocessors

Our default operations are in Germany. If processing outside the EEA is required in specific cases, we implement appropriate safeguards (for example, EU Standard Contractual Clauses).

Current information on subprocessors and processing locations is available in your contractual documents and our Privacy Policy.

Status

Status 2026-02-24 · This page complements the legally binding details in our Privacy Policy and contractual documents.