Enterprise Compliance

SCT meets the highest security and privacy standards

Certifications & Standards

DSGVO / GDPR

Privacy by Design, pseudonymization per Art. 4(5)

EU AI Act

Transparent AI data processing

ISO 27001

Information security management

PCI DSS

Payment card data protection

SOC 2 Type II

Security, availability, confidentiality

DORA

Digital operational resilience

Technical Measures

AES-256-GCM Encryption

Military-grade authenticated encryption for all data at rest and in transit.

Format-Preserving Encryption

FPE-FF1 keeps data structure intact while fully encrypting content.

E2E Encrypted DataStreams

Client-side encryption ensures data is never exposed in plaintext on our servers.

Hash-Chain Audit Trail

Tamper-proof, cryptographically linked audit log for every operation.

Tenant Isolation (Docker)

Each tenant runs in isolated containers with dedicated encryption keys.

EU Data Residency

All data processed and stored exclusively in EU data centers (Germany).

Trust Architecture

  • Data never leaves EU
  • Zero-access architecture (SupportKey model)
  • Immutable audit trail
  • Customer-managed encryption keys

Documentation Downloads