Your data is safe with EMDESK

Enterprise-grade security, access controls, and action logs that provide peace of mind.

Enterprise-grade security

EMDESK understands that your projects contain personal, restricted, or classified data that is core to your organization's activity and competitive advantage.

Security and confidentiality are our highest priority. EMDESK is designed from the ground up with security in mind. We put enterprise-grade security measures in place with strong technical, logical, and legal precautions to protect your data from loss or unauthorized access. Multiple layers of protection, combined with fine-grained controls, enable you to meet your security and compliance requirements.

Developed and hosted in Germany

EMDESK is built exclusively by our own employees, who have proven experience and reliability and are located at our headquarters in Germany. All production systems and customer data are hosted exclusively in Germany with Hetzner Online, ensuring compliance with strict European data protection standards. No customer application data is processed outside of Germany.

Infrastructure security

To ensure the highest infrastructure security, EMDESK is hosted with Hetzner Online in Germany. EMDESK operates two dedicated servers in two physically separate data centers (FSN1-DC3 and FSN1-DC10) within Hetzner's Datacenter Park in Falkenstein/Vogtland, Germany. This architecture eliminates any single point of failure and ensures data availability and redundancy.

Hetzner's hosting infrastructure is certified to internationally recognized security standards:

  • ISO/IEC 27001:2022 - Information Security Management System (ISMS), certified by SOCOTEC Certification Deutschland GmbH
  • BSI C5 Type 2 - Cloud Computing Compliance Criteria Catalogue of the German Federal Office for Information Security (BSI), confirming effective application of security criteria over a defined period
  • KRITIS (Section 8a BSIG) - Hetzner is classified by the BSI as an operator of critical services and certified accordingly
  • Regular TOM audits by TÜV Rheinland

The data centers provide comprehensive physical security including high-security perimeter fencing with anti-climb and anti-dig protection, electronic access control with full logging, continuous 24/7 video surveillance of all relevant areas, fire alarm systems with direct fire brigade connection, redundant power supply with UPS and generators, and raised-floor cooling systems. A documented visitor policy requires registration, authorization, ID verification, and escort by Hetzner personnel at all times.

Data segregation and confidentiality

The production systems, databases, and networks are physically and logically separated from the enterprise infrastructure. Customer accounts are logically separated at the data layer. Development, staging, and production environments are fully isolated from each other.

There are strict security policies for employee access. Access to customer data for support purposes is only possible when the customer explicitly invites the support employee into their workspace. Only in absolute emergencies is direct access without invitation possible, restricted to senior authorized personnel and exclusively for support purposes. All access is logged and monitored.

To connect to production infrastructure, employees must use a VPN connection and multi-factor authentication. Access is identity-based and restricted based on employee role using a least-privilege approach. All privileged actions are logged separately.

Our employees receive regular training on data protection and information security, including awareness of current threats such as phishing and social engineering. All employees are contractually bound to confidentiality and sign separate non-disclosure agreements. Background checks are conducted in accordance with applicable law prior to employment. Upon termination of employment, all access rights are revoked on the last working day, and company-owned devices and access media are returned.

Software development security

The software architecture and release cycle are designed to protect against security breaches. All development is performed entirely in-house by EMDESK employees in Germany. EMDESK uses a version control system to track all changes to the code base, making every change auditable and traceable. Changes must follow internal coding principles, OWASP security guidelines, and industry best practices.

Development, testing, and production environments are strictly separated. All changes are pushed to a staging environment for thorough review and testing before being released into production. Code deployments to the production environment require a mandatory peer review and separate approval. No unmodified production data is used in staging or test environments; where production data is needed for testing purposes, it is anonymized or pseudonymized.

All server systems follow documented baseline configurations, hardened according to recognized best practices. Changes to system configurations are documented and require approval. Releases are typically deployed outside typical European business hours. Urgent changes, such as security patches, can be made available on demand. Rollback capability to previous versions is maintained at all times.

Third-party security assessments and penetration testing are available for Enterprise Plan customers. Test reports can be requested under NDA.

User authentication

Each user in EMDESK has a unique account with a verified business email address. Alternatively, users can authenticate via their Microsoft account. For Enterprise Plan customers, Single Sign-On (SSO) via SAML/OIDC is available for integration with existing identity management systems.

EMDESK enforces password policies with high security criteria, including complexity, reuse prevention, and expiration requirements. Passwords are hashed and salted in accordance with industry best practice and are never stored in plaintext. Two-Factor Authentication is available as an additional security measure to protect EMDESK accounts.

User sessions and IP addresses are individually tracked and can be individually audited or revoked. A maximum session duration is configured. Automatic account lockout is triggered after repeated failed login attempts. CAPTCHA protection is enforced on all authentication endpoints, including account creation, password recovery, and login, upon repeated attempts.

Precise access control

EMDESK maintains a documented access control policy that governs access to systems, data, and functions based on the principle of least privilege.

Client administrators and managers administer user provisioning on their account and have the option to control access through a precise and cascading permission system. Permissions can be configured at organization, project, or element level. This allows admins to control each user's or user group's access throughout the project, while allowing project managers to further delineate permissions.

Project participation is limited to users invited to the project by a user with sufficient permissions, and ranges from full administrative privileges to read-only access. All access is logged and traceable, providing a complete audit trail.

Data encryption

EMDESK protects all data in transit and at rest using industry-standard encryption.

All data transmitted to and from EMDESK is encrypted using TLS 1.2 or higher, covering all web traffic, API calls, and internal service communication. TLS certificates are issued by Let's Encrypt, a recognized and publicly trusted Certificate Authority of the Internet Security Research Group. Transmission of personal or confidential data via unencrypted channels is prohibited.

All customer data stored in EMDESK is encrypted at rest using AES-256. Files are encrypted with individual per-file encryption keys. These encryption keys are stored in a dedicated key management vault, which is a separate system isolated from the data storage layer. Keys are rotated regularly (at least annually) and securely destroyed when no longer needed.

Data redundancy, backup, and recovery

EMDESK operates two dedicated servers in two physically separate data centers within the Hetzner Datacenter Park in Falkenstein, Germany. Data is replicated hourly from the primary server to the secondary server. The exchange of replication data runs via an internal network connection between the data centers, separate from the public internet.

A full backup is performed daily, encrypted, and stored in an environment separate from the primary servers to ensure fault tolerance. Backup integrity is verified regularly. In an emergency, customer data can be restored from the hourly replications on the secondary server, or from the daily full backups.

EMDESK defines the following recovery objectives:

  • Recovery Time Objective (RTO): Restoration of operations within 24 hours
  • Recovery Point Objective (RPO): Maximum data loss of less than 1 hour through hourly replication; up to 24 hours when restoring from daily full backups

EMDESK maintains a documented ICT continuity plan that defines recovery steps, responsibilities, and communication channels in the event of a disruption. Even during disruptions, all security measures including encryption, access control, and logging remain fully active. Security controls are never deactivated in favor of faster recovery. Recovery procedures are tested regularly.

Action traceability, content, and document recovery

The Activity Tracker logs all updates and actions along the entire project lifecycle with all details, user identity, and timestamps. This gives you control and traceability at all times.

If a user deletes project items, files, or folders from the workspace, EMDESK puts them into a separate recycle bin. Client administrators and managers can safely recover deleted items from the project's recycle bin for 120 days after deletion.

With built-in document versioning, EMDESK saves a history of all previous versions of files and allows you to restore them for up to 30 days. Unlimited version history is available on a per-document basis.

Incident response

EMDESK maintains documented incident response procedures covering detection, classification, investigation, containment, recovery, and post-incident analysis. All employees are instructed to report recognized or suspected security events immediately through a defined internal reporting channel to the technical management.

In the event of a security incident, relevant log data and system states are preserved to enable subsequent analysis and, if necessary, forensic investigation.

In the event of a data breach affecting customer data, customers are notified without undue delay, within 48 hours of confirmation. Notifications include the nature of the breach, affected data, and remediation steps. Regulatory authorities are notified within 72 hours as required by Article 33 GDPR. After every significant security incident, a documented post-incident analysis is conducted, and lessons learned are incorporated into improved security measures.

Privacy and GDPR compliance

EMDESK is committed and obligated by European and German law to protect the privacy of users and their data. EMDESK is fully compliant with the EU General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG). All customer data is hosted exclusively in Germany.

EMDESK has established processes to ensure respect for your rights to erasure, rectification, data portability, information, restriction, and the right to be forgotten. A personal data registry is maintained pursuant to Article 30 of the GDPR. Privacy by design principles are built into the platform architecture.

A Data Processing Agreement (DPA) based on the EU Standard Contractual Clauses pursuant to Article 28(7) GDPR (EU Decision 2021/915) is available for all customers. All sub-processors are bound by data processing agreements in accordance with Article 28 GDPR. The current sub-processor list is published in the EMDESK Trust Center. Changes to sub-processors are communicated to customers at least 14 days in advance via email, with the right to object. On customer request, individual sub-processors with third-country involvement can be replaced by German alternatives or deactivated.

For more information, see our Privacy Policy.

Data portability and deletion

Customers can export their data in standard formats at any time, ensuring full data portability in compliance with GDPR.

At contract termination, data is deleted on the controller's instruction. In the absence of specific instructions, EMDESK sets a 30-day deadline; after expiry, the customer account and all associated data are permanently deleted. Web logs are automatically deleted within 90 days. Physical media destruction by Hetzner follows ISO/IEC 21964 standards when media cannot be securely erased.

Availability and reliability (99.9% uptime)

EMDESK strives to ensure availability of more than 99.9% across all services, with all scheduled maintenance taking place outside typical European business hours. Over the years of continuous operation, EMDESK has consistently reached or exceeded 99.9% uptime. Most updates and maintenance of production systems require no downtime.

Production systems are hosted with Hetzner Online, and EMDESK operates on dedicated servers in two physically separate data centers, ensuring resistance to any single point of failure. Real-time system status is available to customers. Availability is tracked and published by external monitoring.

Business continuity

EMDESK has had a proven track record and trusted customers for over 17 years. With years of successful and growing business since 2008, and thousands of users and organizations, including hundreds with long-term subscriptions, we are financially stable and committed to delivering our services.

EMDESK maintains documented business continuity procedures and an ICT continuity plan. Key processes are documented for knowledge continuity. Insurance coverage including cyber liability is in place.

Contact us

We understand that you may have specific concerns that are not addressed on this page, and we encourage you to contact us if you have any questions about EMDESK's security and compliance procedures. Additional security documentation is available in the EMDESK Trust Center.

Please note that EMDESK is committed to the continuous improvement of its security practices and the information on this page is subject to change.
