Information security and data privacy
Note
The Celonis Platform adheres to the highest information security standards in order to protect your data.
Keeping all data safe and reliable is at the core of our service offering and our team is relentless when it comes to preventing possible points of failure
FAQs about information security and data privacy
Where is the data stored?
Celonis leverages Microsoft and Amazon hosting services. The hosting location of the customer’s database generally corresponds to the location of the customer (e.g. the data of European customers is hosted in a data center located in the EU).
How is the data encrypted?
All data transferred to Celonis is always encrypted via HTTPS using TLS 1.2 or higher. All data at rest is encrypted using AES-256 encryption.
Does personal data have to be processed?
Besides user account-related data (e.g. name, email, log files), no personal information is required to analyze processes in Celonis Platform. But, depending on the use case and the individual implementation of the client, personal data may be needed. Pseudonymization features are offered in such cases. The client is in full control of any personal information processed.
How does data deletion work?
You can request the deletion of the respective data at any time. Retention times for user-related log files (audit trail) can be configured by the customer. Backups are destroyed following industry standards and advanced techniques for data destruction. By default, the customer's database is deleted within 30 days of contract termination.
Is Celonis GDPR compliant?
Celonis has implemented a Privacy Information Management System (PIMS) globally based on the requirements of ISO 27001, ISO27701 and the EU GDPR. The PIMS is run by a dedicated internal Data Privacy Team.
Celonis solutions are designed according to the principles of data privacy by design and by default. For more information, see the White Paper on our Privacy Page.
Which certificates does Celonis own?
Among others, Celonis is certified according to ISO27001, ISO27701 and ISO9001. Click here to find out more about compliance efforts and certifications.