Vicenarius

Security & trust

Your data. Fully isolated. Fully within the EU.

Vicenarius is built with separated organization data, European hosting, and access control across multiple layers. Your data is never accessible to other organizations.

European hosting
Data isolation
GDPR compliant
Row-level security

European hosting

All Vicenarius data is stored and processed within the European Union. We work with hosting partners compliant with GDPR and the NIS2 directive.

  • Data centers exclusively in EU member states
  • No transfer to third countries outside adequacy decisions
  • Hosting partners with SOC 2 and ISO 27001 certification

Separated organization data

Every organization in Vicenarius is completely separated from all other organizations. Your data is only available inside your own secure workspace.

  • Organization separation across every data layer
  • Access control is enforced automatically
  • No shared tables or shared storage between organizations

Strict access control

Permissions are checked across multiple layers before data is shown. Managers, employees, and clients only see what is intended for their role.

  • Policies for every role and portal
  • Role separation: owner, admin, manager, employee, client
  • Client portal has its own isolated access layer

Audit trails

Every change in planning, hours, financial data, and project information is logged. This provides traceability for internal audit, disputes, and compliance.

  • Logged changes in hour batches, approvals, and rejections
  • Project changes and status transitions tracked
  • Financial mutations per project traceable

Granular access control

Beyond standard roles, Vicenarius provides fine-grained access control. Managers see what managers need to see. Employees see only their own projects and hours. Clients see only their own portal.

  • Role-based navigation and data management per user type
  • Client portal access via isolated access code or login
  • Platform administration separated from organization management

GDPR compliance

Vicenarius is developed with privacy by design as a starting point. Personal data is only collected for operational purposes and not shared with third parties outside the processing chain.

  • Data processing agreements available on request
  • Right to access, correction, and deletion respected
  • Privacy policy fully documented

Responsible disclosure

Found a security issue?

We take security seriously. If you discover a vulnerability, we ask you to report it confidentially by email. We aim to respond within 48 hours.

info@vicenarius.eu

Responsible disclosure

We ask researchers not to publicly disclose found vulnerabilities before we have had the chance to address them. We will acknowledge your contribution if you wish.

Questions about security or compliance?

Our data processing agreement is available on request. Contact us for more information about our security architecture.

Get in touchPrivacy policy