Security

Security controls you can verify before migration

Run production workloads on our infrastructure.

Customer data stays in our two Danish data centers, not in third-party public cloud regions.

We operate the physical facilities, network, and platform security controls.

European flag

Hosted in EU data centers

ISO Logo

ISO 27001 Certified

Security is fundamental to your business operations, and we've got you covered. We've implemented comprehensive security measures and adhere to the highest industry standards. Our state-of-the-art data centers in Denmark feature multiple layers of physical and digital security to keep your data safe.

Our commitment to security is evident in our adherence to internationally recognized standards and regulations. We continuously monitor and update our security protocols to address emerging threats and vulnerabilities, ensuring your deployments remain secure and compliant.

By choosing Asergo, you can trust that your server deployments are in a secure environment, allowing you to focus on your core business activities with peace of mind.

The Asergo Team

ISO Certification

ISO/IEC 27001:2022 in production terms

Asergo is certified to ISO/IEC 27001:2022. Scope includes asset inventory, access control, change handling, incidents, backups, and supplier risk.

You can map these controls to your internal policies before migration.

More about ISO 27001

Statement of Applicability (SOA)

The SOA lists applied Annex A controls, implementation status, and exclusions.

Organizational Controls

Comprehensive policies for information security

Roles and responsibilities defined

Segregation of duties implemented

Threat intelligence monitoring

People Controls

Rigorous employee screening

Comprehensive security training

Clear terms and conditions of employment

Disciplinary processes for security violations

Confidentiality agreements enforced

Physical Controls

Secure physical perimeters

Controlled physical entry

Secure offices and facilities

Protection against physical and environmental threats

Technological Controls

User endpoint security

Privileged access rights management

Information access restrictions

Protection against malware

Single operator across infrastructure and incidents

Asergo operates hardware, network, and platform, and handles infrastructure recovery without cross-vendor escalation.

Security controls are applied where workloads run

Physical access, network policy, and platform controls are managed by the same operations function.

Data residency and compliance stay in one Danish scope

Customer data and operational responsibility remain in Denmark, which helps narrow GDPR audit scope.

Core operations avoid public cloud control planes

Day-to-day operations run without third-party cloud control-plane dependency, reducing external coordination overhead.

Platform configuration, on your request

Platform settings can be adjusted when workload constraints do not fit standard defaults.

Supplier Autonomy

Infrastructure operated by Asergo, not a public cloud vendor

Asergo operates the infrastructure layer directly. Core operations do not depend on third-party cloud control planes.

That gives clear ownership in incidents, changes, and compliance reviews.

Read more about our infrastructure

GDPR Compliance

Your Data, Your Rights

Asergo is GDPR Compliant. We prioritize the protection of your data. The EU General Data Protection Regulation (GDPR) is a data privacy law implemented by the European Union. Effective from May 25, 2018, it is one of the world's leading data privacy legislations. GDPR aims to honor the privacy of persons residing in the EU by protecting their:

Right to access

Right to rectification

Right to erasure

Right to restriction of processing

Right to data portability

Right to object

Right to avoid automated decision-making

Our GDPR Roles: Your Trust, Our Responsibility

Data is essential for running Asergo's services and critical for the safety of our services and users. This policy explains what information we collect, why we collect it, and how we use it. We make legal and binding contractual commitments available to customers through a Data Processing and Confidentiality Agreement compliant with GDPR. If your company collects, stores, or analyzes European residents' personal data, GDPR provisions require you to use a compliant third-party Data Processor, like Asergo, as your hosting provider.

To achieve GDPR compliance, we have implemented appropriate technical and organizational measures. These include internal data protection policies such as staff training, internal audits of processing activities, and internal policy reviews. Our appointed Data Protection Officer (DPO) maintains relevant documentation on processing activities. We implement measures that meet the principles of data protection by design and data protection by default, including data minimization, pseudonymization, and transparency.

FAQ

Frequently Asked Questions

Here are some of the most frequently asked questions about Asergo. If you have any other questions, please contact us.