Our software and all data in the system are hosted in data centers in Germany and are not sent abroad except at the explicit request of the client. The hosting contract is governed exclusively by German law, in particular German data protection law, the German Civil Code (BGB) and the German Commercial Code (HGB).
The companies awarded the SOFTWARE HOSTED IN GERMANY seal deposit the current standard of their technical and organizational measures with regard to data protection with BITMi e.V.
The processing of data and information and their exchange with our customers, partners and between employees is essential in order to provide our services and products to our customers.
Information security is a top priority. We are aware of our responsibility to protect sensitive data and have therefore implemented an information security management system (ISMS) in our company.
Our guideline on information security explains how we handle information and ensure its security.
All user activities are logged in an audit-proof manner. In addition, our cloud creates a checksum (hash) for each file for unique identification. Files (including all versions) are not deleted, but merely locked. All data is always available to you in its entirety and without gaps.
We regularly review the security precautions of our service providers and subcontractors. All partners are contractually obligated to meet the same high security and data protection standards as DYVE.
Single Sign-On (SSO) allows you to connect your Microsoft Active Directory with that of the user, so that a simple log-in with the known credentials is possible. The user can be logged in immediately when accessing PAVE from the corporate network.
To ensure the highest level of information security for our customers, we operate an ISO/IEC 27001 certified Information Security Management System (ISMS) in our company.
We regularly have the security of our system checked by independent penetration tests. The test is carried out in accordance with the OWASP criteria, among others.
Responsible handling of vulnerabilities and security gaps rounds off our security system. Have you discovered a security problem? Feel free to report it – we will take care of an adequate solution. Further information on this can be found in our Vulnerability Disclosure Policy.
Our cloud stores your files on three server clusters in physically separated data centers with ISO 27001 and BSI IT-Grundschutz certification. Daily backups provide additional protection.
The encrypted transmission of data is supported by TLS 1.2 with Forward Secrecy. Storage is also encrypted (AES-256).
Security starts with people. For this reason, all our employees have committed themselves in writing to data protection (Art. 29 DSGVO) and confidentiality.
Our numerous security measures include DDoS protection, an always up-to-date virus scanner, hardened server systems, regular vulnerability scans (PCI-DSS compliant), and multi-level firewalls.
Our cloud provides you with comprehensive access rights management. You assign individual rights for individuals, groups or roles. The current status is documented rights reports, the current status is documented and can be viewed transparently.
Choose from a variety of 2-factor authentication options: SMS-TAN, Google Authenticator, Mail-TAN or FIDO2.