Trust & Security Centre
Everything your IT, security and data-protection teams need to evaluate Flowcite: certifications, compliance, data protection and accessibility, in one place.
Privacy & compliance
Built for the regulatory expectations of institutions worldwide.
GDPR (EU/EEA)
Operated by Flowcite GmbH under EU data-protection law. A Data Processing Agreement (DPA) is available for institutional customers.
FERPA (US institutions)
We support US institutions' obligations for the privacy of student education records.
EU data residency
Data is hosted within the European Union. Sub-processor details are available on request.
How we protect your data
Encryption
Data encrypted in transit (TLS) and at rest.
Access control
Least-privilege access and role-based controls for all systems handling user data.
Monitoring & backups
Continuous monitoring and regular backups, with an incident-response process in place.
Accessibility (WCAG 2.1 AA)
We are committed to making Flowcite usable for everyone. The site and product are built towards WCAG 2.1 AA, including keyboard navigation, visible focus states, descriptive alternative text, and reduced-motion support. If you encounter a barrier, contact accessibility@flowcite.com and we will work to resolve it.
Resources for procurement & security teams
Documentation to support your review, available on request.
Data Processing Agreement
A GDPR-compliant DPA for institutional customers. Request the DPA.
Sub-processor list
The current list of sub-processors and their roles. Request the list.
Security questionnaire
A pre-answered standard security questionnaire to speed your review. Request it.
Questions about security or compliance?
Our team will walk your IT, security and data-protection stakeholders through everything they need.