Security & compliance

Your SAP data, protected

Conjola works with sensitive document data from your core systems. That is why security is not an afterthought but built into every layer — from authentication to tenant isolation.

Privacy by design

Security is part of the architecture, not a later add-on.

Tenant isolation

Strict multi-tenant isolation: every tenant is logically separated. One customer's data is never visible to another, at any point.

Role-based access

Fine-grained roles control who may see which analyses, modules and datasets — following the principle of least privilege.

Minimal data footprint

We prefer to work with document metadata and structures rather than plain-text business content. What isn't needed for the analysis isn't touched.

OIDC authentication

Sign-in via OpenID Connect — compatible with your identity provider, including central user and session management.

How your data is protected

01

Encrypted at rest

All stored data is encrypted at rest — at the storage and backup layer.

02

Encrypted in transit

Every transfer runs in transit over TLS. Data never leaves the protected channel in plain text.

03

Controlled access

Access is authenticated, role-based authorized and traceable through audit logs.

04

Defined deletion concept

Data is deleted after agreed retention periods. On request, extracts and analyses can be removed at any time.

Compliance

Set up for the requirements of European enterprise customers.

GDPR-compliant

Conjola is built for GDPR requirements — from data minimization through data-subject rights to defined deletion processes.

Data processing agreement

We sign a data processing agreement (DPA) and document the processing transparently and verifiably.

EU hosting

Data storage and processing take place in data centers in the EU (Germany). Your data does not leave the European legal area.

What we deliberately do NOT need

A small attack surface means: no access we don't need.

No production access

Conjola does not connect to your production system. We work exclusively with the extracts you provide.

No plain-text business content

Where metadata and structures suffice, we do without the full business content of the documents.

No persistent credentials

No production SAP credentials are stored with us — the data flow is pull-based and driven by you.

Ready to understand your SAP landscape?

In a short demo we'll show you how Conjola turns your document data into a basis for decisions.

Book a demo