Trust at Matproof
Trust is everything. So we prove it.
Matproof runs European-regulated compliance work. Our security posture, data residency, and subprocessor transparency are matched to the customers that hold us to it.
Hosted in Germany
Production runs on Hetzner infrastructure in Germany. Customer data stays in the EU.
Hetzner Online GmbH — ISO 27001 certified, BSI C5 compliant.
Transparent subprocessors
Every third party that touches customer data is listed with name, purpose, and data residency — and we notify you before changes.
Every subprocessor documented in our in-product subprocessor register, updated as the list changes.
Encrypted by default
TLS 1.3 in transit, AES-256 at rest. Secrets managed in a dedicated key-management service.
Customer data never decrypted outside the application boundary.
Audit-ready ourselves
Matproof runs its own controls on Matproof. We hold ourselves to the same standards we ship to customers.
Independent penetration testing on a regular cadence.
Documentation
Everything you need before procurement asks.
Data Processing Agreement (DPA)
Article 28 GDPR–compliant. Pre-signed, GDPR + Schrems II compatible.
Privacy policy
How we process data on matproof.com and inside the product.
AI Processing Statement
How customer data interacts with AI models inside Matproof.
Subprocessor register
Live list of every third party that touches customer data.