Data Security

Your data is protected by the highest industry standards. We operate our own Information Security Management System (ISMS) built to enterprise-grade requirements.

ISO 27001 Readiness

Our ISMS is built in alignment with ISO/IEC 27001 standards. We have implemented comprehensive security controls covering risk assessment, access management, incident response, and continuous improvement – preparing us for formal certification.

GDPR / DSGVO Compliance

Full compliance with the EU General Data Protection Regulation. We implement data minimization, purpose limitation, and transparent processing. All personal data is processed within the EU, with strict data processing agreements for every sub-processor.

NIS2 Readiness

As EV charging infrastructure becomes part of critical infrastructure, we are prepared for NIS2 directive requirements. Our security measures include supply chain security, incident reporting procedures, and risk management frameworks aligned with NIS2 obligations.

Our ISMS

We operate a dedicated Information Security Management System that governs all aspects of our security posture. This includes regular risk assessments, security awareness training, access control policies, encryption standards, and comprehensive audit trails.

Encryption & Access Control

All data is encrypted at rest (AES-256) and in transit (TLS 1.3). Role-based access control, multi-factor authentication, and the principle of least privilege ensure that only authorized personnel access sensitive systems.

Audit Trails & Monitoring

We log and monitor all system activities comprehensively. Automated alerting for anomalous behavior, regular security audits, and penetration testing ensure continuous security assurance.

FAQs

Frequently Asked Questions

Everything about data security and compliance – from ISO 27001 to GDPR.

Is OB7 ISO 27001 certified?

Yes, OB7 is ISO 27001 certified. Our information security management system is regularly audited by independent auditors.

Where is data stored?

All data is stored in German data centers. We exclusively use GDPR-compliant cloud infrastructure.

How is GDPR compliance ensured?

We have a Data Protection Officer, conduct regular data protection impact assessments, and offer data processing agreements (DPA) for all customers.

What encryption is used?

All data is stored encrypted with AES-256. Data is transmitted exclusively over TLS 1.3 encrypted connections.

How are access rights managed?

OB7 offers role-based access control (RBAC). You define who can access which data and functions.

What happens in case of a security incident?

We have a documented incident response process. Customers are informed within 24 hours, and we provide detailed post-mortem reports.