Unsere Website gibt es auch auf Deutsch - würden Sie gerne zu dieser Version wechseln?Zu Deutsch wechseln
MADE & HOSTED
IN GERMANY

Your data needs the best protection

Strict safety standards according to GDPR

Stackfield meets all data protection requirements in accordance with the General Data Protection Regulation and even beyond. This page will introduce you to our security measures. The following links will provide you with a quick overview of the most important topics concerning the GDPR.

How does Stackfield protect your data?

Step 1

Two-Factor Authentication

In order to strengthen the security of your account during login, you can use the two-factor authentication. If your password is compromised, this will prevent third party access to your account.

It is possible to additionally secure the authentication and verify the user by using a YubiKey.

Step 2

German Server Location

Stackfields servers are located in Germany. Therefore, the use of Stackfield is compliant with European data protection law. That means you can also store customer data in the cloud without violating regulations.

Step 3

End-to-End Encryption
RSA-2048 & AES-256

Our end-to-end encryption protects data using a unique combination of AES and RSA algorithms. AES encryption comes with a 256-bit key length, while RSA encryption uses a 2048-bit key length. The encryption and decryption of the data takes place in the user's browser. In this way, we ensure that unauthorized parties can neither decrypt nor view the data - not even Stackfield being the software provider can do that. In other words, all relevant data is transferred securely encrypted to our servers where it stays encrypted all in rest.

Each data room is separately encrypted with an automatically generated password. Users do not need to remember these passwords to access data in their data rooms. A user receives the password after becoming a room member. Henceforth, the synchronization takes place automatically in the background.

What data is encrypted in encrypted rooms?

Communication
  • Text messages
Discussions
  • Title
  • Description
  • Comments
Files
  • File Contents
Tasks
  • Title
  • Description
  • Subtasks
  • Description of time entries
  • Comments
Snippets
  • Title
  • Code
Documents
  • Title
  • Description
  • Comments
Events
  • Title
  • Agenda
  • Location
  • Comments
Step 4

Highest SSL standards

All relevant data is encrypted with our end-to-end encryption. Additionally we encrypt all data and personal information on the transit with the newest SSL encryption technologies, a 256-bit AES SSL/TLS encryption.

Step 5

Offsite Backups

All data is stored in high security data centers. Automatic online backups prevent data loss in emergency situations caused by theft, virus attacks, hardware failure or natural disasters.

Step 6

ISO 27001 Certified Data Centers

All data centers are ISO-27001 certified. They are protected by guards and video monitored 24/7, 365 days a year. Each data center has an emergency power supply and stores all data redundantly.

Supporting Security Features

Data Processing Agreement

You can conclude the agreement required due to the GDPR with a few clicks.

Penetration Testing

Stackfield regularly conducts penetration tests to protect the platform from attacks and security breaches.

Employees trained in Data Protection

Stackfield's employees receive special training on data privacy and security.

Certified Mobile Apps

Stackfields mobile apps have been tested and certified as Trusted App by APPVISORY.

Redundancy of the systems

The data of our users is stored multiple times mirrored, to ensure that it won’t be lost even in case of hardware failures.

Two-factor authentication required

To additionally protect the data, you can define centrally that access is only possible with active two-factor authentication.

Single Sign-on

For ease of use you can use the single sign-on for Stackfield, which automates user management.

User Provisioning via API

Adding and editing of users can be done using the API of Stackfield.

Reporting on Employee Logins

The reporting feature shows when employees last logged in to Stackfield.

Reporting about changes of the organization settings

To track changes of an organization's settings, they are collected and displayed in a report.

Export of all personal data

All users are able to create an export of the respective personal data uploaded to Stackfield.

Export of organization data for administrators

The selected options of the organization settings can be downloaded and saved by the administrators.

Access restrictions by IP addresses

Access to the data of an organization can be limited to certain IP addresses by using the IP white list.

Login notifications when using unknown device

As soon as a login on an unknown device takes place, users receive an e-mail notification directly.

Access log for each account

Each user can track exactly on which devices and via which IP addresses an access to their own account has taken place.

Password Policies

Precise rules on the strength and frequency of changing the password provide a high level of protection against unauthorized access.

Compliance rules for each organization

Within an organization and the rooms, it is possible to determine who is entitled to which in-person access or to make changes.

Service level agreements regarding availability

Stackfield is focussed on a high availability of the platform and assures it through a service level agreement.

This site uses cookies to give you the best possible experience. By surfing on our site, you agree to the use of cookies. Learn more
OK
Ready to try Stackfield?
Over 10.000 companies joined Stackfield
Try Stackfield for free