Security & Compliance

Your data — under your control. Always.

Tagd is built on EU-based infrastructure with encryption at every layer and processes designed around GDPR and ISO 27001. We meet the security requirements that Nordic companies demand.

Overview

Security at a glance

Here are the key points for those who need a quick overview of how Tagd handles security and data protection.

EU storage

All data is stored encrypted within the EU — AWS Sweden and Ireland.

AES-256 encryption

Encryption at rest and in transit. Customer-specific keys via AWS KMS.

GDPR compliance

Full compliance. Data Processing Contract (DPA) available for all customers.

AI within EU

All AI processing takes place in the EU. No customer data is used for model training.

ISO 27001

Certification in progress — planned Q3/Q4 2026.

99.5% uptime

Guaranteed uptime per calendar month. Daily backups with 30-day retention.

Detailed information

Infrastructure and architecture

Your data is stored encrypted in the EU with strict access controls. We ensure that you have full control over your information with configuration tailored to your needs.

Storage

AWS Sweden (eu-north-1) / Ireland (eu-west-1)

Encryption at rest

AES-256 via AWS SSE-KMS with customer-specific keys

Encryption in transit

SSL/TLS 1.2+ on all endpoints

Backup

Daily backup to S3 (encrypted). 30-day retention.

RTO

4 hours

RPO

24 hours

Uptime

99.5% uptime (month-to-month)

Data portability

As a customer, you can export all your data at any time. Full portability — you always own your information.

Information classification

All customer data is classified as confidential. Handling, access, and distribution are governed by classification level.

Access control

Access is granted on a need-to-know basis. Permissions are reviewed quarterly and revoked immediately upon role changes.

Disaster recovery

Formalized Disaster Recovery Plan (DRP) with defined RTO and RPO targets. Daily backups ensure continuity.

AI processing and data flows

We use enterprise-grade AI services with strict data processing contracts. No customer data is used for model training.

Text extraction / OCR

Mistral (France, EU). Documents are processed and deleted immediately after extraction.

AI analysis

Azure OpenAI Enterprise (Sweden, eu-north-1). Data is processed under Microsoft's enterprise contract — no third-party access.

Model training

No customer data is used for model training. Your documents never train our or third-party models.

Compliance and certifications

Compliance is not a project — it is part of how we build the product.

GDPR

Full GDPR compliance. Data Processing Contract (DPA) available for all customers.

ISO 27001

Certification in progress — planned Q3/Q4 2026.

Incident management

Formalized Incident Response Plan (IRP). 72-hour GDPR notification for personal data incidents.

Vulnerability management

Annual external security scans. Dedicated CISO responsible for risk management.

Training

Annual security training for all employees. Quarterly risk workshops.

Ongoing review

Our information security policy is reviewed annually and updated as needed. All changes are documented and communicated to relevant parties.

Service level contract

We believe in transparency. All customers receive clear service levels with defined response times.

Guaranteed uptime

99.5% per calendar month

Support hours

Monday–Friday, 09:00–17:00 CET

Documents on request

Happy to share more

Need documentation for an internal security review or vendor assessment? We help you quickly and without hassle.

Data Processing Contract (DPA)

Read and download our standard data processing contract.

Read DPA →

Sub-processors

Complete list of Tagd's sub-processors.

View list →

Request security documentation

Use our contact form and mention 'Security' as the subject and we'll send the right materials.

Security documentation — PDF with complete technical security description
Audit reports — Available on request for enterprise customers

Go to contact form →

Have security questions?

Use our contact form and mention 'Security' as the subject — we'll get back to you as soon as we can.

Ready to see how Tagd protects your data?

Book a demo and get a walkthrough of our security architecture tailored to your requirements.

Book demo →Contact us →