Privacy & Compliance
Health and performance data is highly sensitive. The Datico® LIFE HUB is designed so that every technical and organisational measure is aligned to maximum protection from the ground up — from dedicated database architecture to exclusive development and hosting in Germany.
Data in Consistency
Every customer. One dedicated database.
This is the most fundamental security principle of the LIFE HUB: no customer shares a database with another. Every organisation receives its own fully isolated tenant with a dedicated database — no shared tables, no shared schemas, no technical touchpoints between customers. A fault or vulnerability in one system cannot affect another system.
Hosting & Development
Everything in Germany. No exceptions.
At Datico®, "Made in Germany" is not a marketing claim but a technical and organisational fact: hosting, software development, and data storage take place exclusively in Germany.
Server Hosting in Germany
All LIFE HUB instances run on servers physically located in Germany. No fallback to EU data centres outside Germany, no US cloud providers, no data transfer to third countries.
Software Development in Germany
The entire LIFE HUB development — from architecture to deployment — is carried out by our team in Germany. No outsourcing to countries with different data protection standards. Full control over source code and infrastructure.
German Law & GDPR
Contractual relationships, data processing agreements, and privacy arrangements are governed by German law. A Data Processing Agreement (DPA) pursuant to Art. 28 GDPR is concluded with every customer.
Technical Security
Encrypted. Access-controlled. Audited.
Technical data protection starts with architecture, not documentation. All the following measures are a fixed part of every LIFE HUB installation.
ENCRYPTED TRANSMISSION
All connections to the LIFE HUB — browser, app, API — run exclusively over TLS 1.2+. Unencrypted HTTP connections are blocked at system level and redirected to HTTPS.
ROLE-BASED ACCESS CONTROL
Every data access is controlled by the Roles & Rights system. No user can see data outside their defined permissions — neither accidentally nor through a technical weakness.
AUDIT TRAIL
All security-relevant events — logins, data access, changes, exports — are logged without gaps. Tamper protection through immutable log entries.
DATA MINIMISATION BY DESIGN
The LIFE HUB collects and stores only data necessary for the respective function. Privacy by Design and Privacy by Default are development principles, not a retrospective compliance exercise.
DOUBLE OPT-IN
Consents from patients and athletes are managed within the system. Double-confirmed consents, traceably documented and revocable at any time — compliant with GDPR Art. 7.
BACKUP & DATA INTEGRITY
Regular, automated backups of dedicated customer databases. Recovery processes are documented and tested regularly. No data loss from system faults.
Regulatory Framework
GDPR-compliant. BSI C5-oriented.
The Datico® LIFE HUB meets all regulatory requirements applicable in Germany for the compliant processing of health and performance data.
General Data Protection Regulation (EU 2016/679)
The LIFE HUB is GDPR-compliant by design from the ground up. All core principles — lawfulness, purpose limitation, data minimisation, accuracy, storage limitation, integrity and confidentiality — are embedded in the platform architecture.
- Art. 5 – Principles of data processing: implemented through Privacy by Design
- Art. 7 – Consent: Double Opt-In system in the LIFE HUB
- Art. 25 – Data protection by design: a design principle, not an afterthought
- Art. 28 – Data processing: DPA concluded with every customer
- Art. 30 – Records of processing activities: LIFE HUB supports documentation
- Art. 32 – Security of processing: TLS, RBAC, Audit Trail, Tenant Isolation
BSI Cloud Computing Compliance Criteria Catalogue
Important note: Datico® holds no official BSI C5 attestation. We use the BSI C5 criteria as a quality benchmark and implement the relevant technical and organisational measures — however, no formal certification exists and none is currently being pursued.
The BSI Cloud Computing Compliance Criteria Catalogue defines minimum requirements for secure cloud services. We use this catalogue as a substantive guide for our security architecture — with the aim of fulfilling all material requirements relevant to the German market.
- Information security management (OIS)
- Asset management and network security (AM, COS)
- Identity and access management (IDM)
- Cryptography and key management (CRY)
- Operational security and incident management (OPS, INM)
- Portability and interoperability (PI)
The bottom line for your compliance
The Datico® LIFE HUB meets all technical and organisational requirements demanded in Germany for the legally secure processing of sensitive health and performance data. Dedicated tenant separation, hosting in Germany, encrypted transmission, GDPR-compliant development, and alignment with the BSI C5 criteria together form the security foundation — without compromise.
Industry-specific Requirements
Compliance in your sector.
Medical data is subject to the strictest data protection requirements. The LIFE HUB processes no data outside Germany, supports professional confidentiality through a strict role concept, and provides a DPA basis for use as a data processor under GDPR.
Performance and health data of athletes is personal data of a special category. The Roles & Rights framework ensures that athlete data is accessible only to authorised individuals — coaching staff, medical teams, federation level — without data protection risk.
Military, police, and fire services have confidentiality requirements beyond the GDPR. The dedicated tenant architecture ensures no data is shared with other organisations. On-premises operation is available for elevated security requirements.
Studies involving patient data require GCP compliance and demonstrable data separation. Research projects in the LIFE HUB receive project-specific data spaces with documented access records — suitable for ethics committees and auditors.
Standards & Measures
Let's talk.
Success is built through collaboration.
Personal Consultation
Discuss your specific use case directly with one of our experts — individual, structured, and solution-focused.
Book appointmentBook a Live Demo
Experience the Datico® LIFE HUB and its key features live — tailored to your requirements.
Request demo30-Day Free Trial
Start your 30-day free trial — full feature set, personal onboarding, no contract required.
Request trial accessJoin a Live Webinar
Compact insights into features, use cases and best practices — live and interactive with our experts.
View webinars