Information Security & Privacy
Your data’s security and privacy are Luminovo’s top priorities. If you have any comments, concerns or questions about our data security & privacy at Luminovo, please send your request to security@luminovo.com.
Enterprise-ready security & privacy
Germany-based. Our Microsoft Azure hosting servers are located in Frankfurt, Germany.
ISO 27001 certified. All data hosting solutions (provided by Microsoft Azure) are fully compliant with ISO 27001 and SOC 2. Luminovo has also been ISO 27001 certified since June 2023.
Encryption in-transit and at-rest. All data is encrypted at rest using FIPS 140-2 validated cryptographic modules and the AES 256-bit cipher. For transport layer security, we use TLS 1.2+ everywhere.
Multi-tenant security. With a multi-tenant architecture, our software ensures that the data of different customers is separated at the database level.
Information security officer. Data security is a top-level management priority. Our founder and managing director Timon Ruban is our information security officer.
GDPR-compliant. As an EU-based company, we comply with GDPR.
Backups and disaster recovery. We run automatic backups at intervals ranging from instant to every four hours and keep the backups in zone-redundant storage for up to 7 days.
Vulnerability protection. We use an automated security scanner on every code change to uncover any known vulnerabilities and misconfigurations in our software.
DDoS protection. Access to our servers is protected from denial-of-service attacks using Cloudflare’s always-on DDoS protection.
Suspicious IP throttling. We automatically protect against suspicious logins targeting too many accounts from a single IP address.
Strong password policies. A strong password policy (disallowing the 10,000 most common passwords, disallowing personal data such as the name, and enforcing minimum length, special characters, lower- and uppercase characters and numbers in any password) makes it difficult, if not improbable, for someone to guess a password through either manual or automated means.
Multi-factor authentication. We offer the option to secure your logins with multi-factor authentication.
Single Sign-On (SSO) and SAML. Available on Enterprise plans for secure, streamlined authentication.
Role-based access control. Define user and admin roles for customised access permissions.
Data Security & Privacy Documents
ISO 27001:2022 Certificate (PDF)
Data Processing Agreement / Auftragsverarbeitungsvertrag (.doc)
Data Privacy Statement of our products (PDF)
Data Privacy Statement of our website luminovo.com (PDF)