·SECURITY · COMPLIANCE · PRIVACY

Trust is built on evidence.

At GermanAI Defense, security is not a feature. It's the foundation. Here we show what we hold ourselves accountable to: audited, documented and communicated transparently.

·OUR STANDARDS

Compliance & Certifications

Four standards we hold ourselves to. We are formally certified to ISO 27001. GDPR, NIS 2 and the EU AI Act were assessed as part of our ISO 27001 audit, and here we are compliant. We don't claim anything we can't substantiate.

ISO/IEC 27001:2022 Certified
✓ Certified

ISO/IEC 27001:2022

Formally certified to ISO/IEC 27001:2022 since May 2026. Auditor: A-Mark Ratings Limited, accredited by UAF and IAF. Certificate No. 26052601, valid until 25 May 2029.

  • Certificate No. 26052601
  • Issued 26 May 2026
  • Valid until 25 May 2029
  • Accreditation UAF + IAF
GDPR Compliant
✓ Compliant

GDPR / EU DSGVO

Fully GDPR compliant with a documented Record of Processing Activities (Art. 30), a Data Processing Agreement template, technical-organisational measures (TOM) per Art. 32, and a designated Data Protection Officer.

  • Record of Processing (Art. 30)
  • DPA template for clients
  • TOM per Art. 32 GDPR
  • Designated DPO
NIS 2 Directive Compliant
✓ Compliant

NIS 2 Directive

Our own cyber-resilience measures meet NIS 2 requirements: risk management, incident reporting, supply-chain security, business continuity and recurring effectiveness reviews. What we advise others, we live ourselves.

  • Risk management (Art. 21)
  • Incident reporting (Art. 23)
  • Supply-chain security
  • Business-continuity plan
EU AI Act compliant
✓ Compliant

EU AI Act

Our AI systems are risk-classified, documented and operated to audit-ready standards. Human oversight, transparency obligations and technical robustness per EU AI Act are built in, assessed during our ISO 27001 audit. Including for client projects.

  • Risk classification per system
  • Human-in-the-loop documented
  • Transparency notices live
  • Technical documentation audit-ready
·CONTACT

Questions on security & compliance?

Need our DPA, want to review a TOM document, or have questions about our ISO 27001 certification? Drop us a line. Typical response within 2 business days.

Email info@germanaidefense.de →

Go deeper: Information Security Policy · Privacy Policy · GRC & Compliance Consulting