Enterprise-grade protection for your portfolio company data, built on German infrastructure standards.
Your data is hosted exclusively in EU data centers operated by Hetzner, a German cloud provider with enterprise-grade security certifications.
Information Security Management System certified across all data centers
Cloud security controls verified over time by Federal Office for Information Security
Classified as critical infrastructure operator under German law
Data processing within EU jurisdiction, no third-country transfers
Technical and Organizational Measures (TOMs) are independently audited by TÜV Rheinland.
Data center locations: Nuremberg, Falkenstein (Germany), Helsinki (Finland)
Security is embedded at every layer of the ValueGen platform, from network to database.
| Layer | Protection |
|---|---|
| Encryption in Transit | TLS 1.3 via Let's Encrypt with auto-renewed certificates |
| Authentication | JWT tokens in httpOnly cookies with secure + sameSite flags |
| MFA Support | Optional two-factor authentication for admin accounts |
| Tenant Isolation | PostgreSQL Row-Level Security (RLS) — each PE firm's data is cryptographically isolated at the database level |
| Network Isolation | Internal Docker networks; only reverse proxy exposed publicly |
| Password Storage | Bcrypt hashing with salt — never stored in plain text |
Defense-in-depth approach with multiple security layers at the operating system level.
| Measure | Implementation |
|---|---|
| Firewall | UFW configured with only ports 80/443 exposed |
| Intrusion Prevention | fail2ban actively blocks brute-force login attempts |
| OS Security | Ubuntu 22.04 LTS with automatic unattended security updates |
| Access Control | SSH key authentication only — password auth disabled |
Security designed specifically for the regulatory and confidentiality requirements of private equity.
Your portfolio company data never leaves EU jurisdiction. German-owned infrastructure means no exposure to US Cloud Act or foreign data access requests.
ISO 27001 + BSI C5 certifications satisfy due diligence requirements for most LPs and regulatory bodies. Documentation available on request.
Complete activity logging tracks all user actions, document access, and data changes. Export audit reports for compliance reviews.
Each PE firm's data is separated at the database level with Row-Level Security. No risk of cross-tenant data leakage.
Your data is protected by German engineering standards: ISO 27001-certified infrastructure, database-level tenant isolation, and encryption at every layer — all within EU borders.
Schedule a demo to see how ValueGen protects your sensitive portfolio company information.