Enterprise Compliance
SCT meets the highest security and privacy standards
Certifications & Standards
DSGVO / GDPR
Privacy by Design, pseudonymization per Art. 4(5)
EU AI Act
Transparent AI data processing
ISO 27001
Information security management
PCI DSS
Payment card data protection
SOC 2 Type II
Security, availability, confidentiality
DORA
Digital operational resilience
Technical Measures
AES-256-GCM Encryption
Military-grade authenticated encryption for all data at rest and in transit.
Format-Preserving Encryption
FPE-FF1 keeps data structure intact while fully encrypting content.
E2E Encrypted DataStreams
Client-side encryption ensures data is never exposed in plaintext on our servers.
Hash-Chain Audit Trail
Tamper-proof, cryptographically linked audit log for every operation.
Tenant Isolation (Docker)
Each tenant runs in isolated containers with dedicated encryption keys.
EU Data Residency
All data processed and stored exclusively in EU data centers (Germany).
Trust Architecture
- Data never leaves EU
- Zero-access architecture (SupportKey model)
- Immutable audit trail
- Customer-managed encryption keys