Security & Compliance

GDPR compliance

Rekivo is fully compliant with the EU General Data Protection Regulation (GDPR). We process personal data only where necessary and provide full transparency about data handling.

  • Data subject rights: access, rectification, erasure, portability, and objection (Art. 15-21 GDPR).
  • Data processing agreements with all sub-processors.
  • Privacy by design: minimal data collection, purpose limitation, and storage limitation.

Data hosting in Germany

All data is hosted exclusively in German data centers operated by Hetzner. No data leaves Germany or the EU. This includes application servers, databases, file storage, and backups.

Encryption

All data in transit is encrypted using TLS 1.2 or higher. Data at rest is encrypted using AES-256. API keys and sensitive credentials are stored using industry-standard hashing algorithms.

GoBD compliance

Rekivo supports GoBD-compliant archiving (Grundsätze zur ordnungsmäßigen Führung und Aufbewahrung von Büchern, Aufzeichnungen und Unterlagen in elektronischer Form). Original invoice files are stored immutably and a complete audit trail of all changes is maintained.
