Skip to content
verkehrsleiter24

Data security

Operating information needs clear access boundaries.

The platform separates organisations and roles at the data layer. Security controls support confidentiality and traceability without promising absolute security.

Tenant isolation

Each operator stays inside its organisation

Database access uses Row Level Security to restrict information by organisation and role. Customer accounts access their own organisation; transport managers see assigned operators only.

  • Role-based access
  • Organisation-scoped data queries
  • Administrative capabilities protected separately

Document access

Files are not shared as permanent public links

Customer documents live in protected storage. Authorised users open files through short-lived signed links after their role and assignment have been checked.

  • Private storage areas
  • Time-limited file links
  • Access through authorised server actions

Traceability

Relevant decisions leave a history

Document reviews, corrective actions, signatures and administrative activity are recorded with role and time context. Compliance-relevant work is linked continuously.

  • Append-only events
  • Audit and activity logs
  • Reversals added as new records rather than silent deletion

Shared responsibility

Technical controls and operating practices work together

Safe use also depends on correct roles, current accounts, protected credentials and agreed retention processes. Binding privacy details are set out in the privacy notice and DPA.

  • No claim of absolute tamper-proofing
  • Privacy information and DPA
  • Reporting route through your point of contact

FAQ

Questions that matter before you start.

Can one customer see another company’s information?+

Database access is scoped to the organisation. Customer roles are intended to access their own organisation only.

How does a transport manager open a document?+

After checking the assignment, the system creates a short-lived signed file link. Documents are not exposed through permanent public links.

Is every activity completely immutable?+

Compliance-relevant events are documented continuously and append-only. We still avoid claiming that any technical system is absolutely impossible to manipulate.

Where are binding privacy details provided?+

The published privacy notice and the data processing agreement govern the relevant privacy information.

Discuss your operation

Let’s find the right setup for your operation in Germany.

In a no-obligation intro call, we discuss your fleet, current position and required support.

Request access