Security and data protection at Flexperto

Our security measures at a glance

The protection and security of your and, of course, our data is an important and serious concern for Flexperto. Due to our function as a processor, the implementation of appropriate technical and organizational measures is essential for the (further) development, operation and growth of the Flexperto platform.

To meet the highest security and data protection requirements, we have established an appropriate compliance program, implemented best practices and state-of-the-art measures and standards, and commissioned regular audits and reviews by external auditors.

ISO 27001

Flexperto’s information security management system is ISO 27001 certified.

With the ISMS, we ensure that we implement all requirements from the ISO 27001 standard and continuously develop and improve our security standards.

When selecting our service providers for our data center or partial functionalities of the Flexperto platform, ISO 27001 certification is a basic requirement for cooperation.

You can view the certificate here

For further information, please refer to

IDW PS 951 / ISAE 3402 / SOC2

Flexperto regularly has its internal control system (ICS) audited by an auditor in accordance with the German standard IDW PS 951 and the international standard ISAE 3402.

In this context, we have defined 20 control objectives that ensure the implementation of legal, regulatory, contractual and also our own requirements. Through regular reviews, we detect possible deviations at an early stage and can react to them adequately.

Do you need more information or are you interested in the reports? Then please contact

DSGVO-compliant technical and organizational measures

In addition to the described certificates and reports on ISO 27001 and IDW PS 951, Flexperto also regularly has the Technical and Organizational Measures (TOM) audited for adequacy according to DSGVO and effectiveness.

Do you wish to learn more or are you interested in the reports? Then please contact

MiFID II compliant recording function according to IDW PS 880

Flexperto offers the recording function for MiFID II-compliant recording. Your video consultation is recorded and made available in a MiFID II-compliant archive together with all information exchanged during your online consultation (e.g. whiteboard).

We have had MiFID II compliance audited by an auditor through an IDW PS 880 audit.

Do you need further information or are you interested in the report? Then please contact

What security measures are we taking at Flexperto?

Are you interested in learning more about the specific security measures we take?

We divide our security measures into three categories:

Discovered a security vulnerability?

If you are made aware of any security issues or vulnerability on our platform, please report them to . Please PGP encrypt your messages using this public key. Please make sure that your messages contain your public PGP, otherwise messages will be rejected by our PGP infrastructure

In order to continuously review and improve the measures described here and to establish a generally high level of information security at Flexperto, we have set up an information security management system (ISMS) in accordance with ISO 27001.

We will be happy to provide you with the following documents upon request:

  • Sample order processing agreement (AVV)
  • Overview of Technical and Organizational Measures (TOM)
  • IT security concept

Feel free to contact us under

More ressources

Flexperto introduction video

System requirementsLegal perspectives: WhatsAppLegal perspectives: SMS, Messenger und TelegramSystem status