Security & GDPR

Maximum security for your clients' data

Built with a focus on confidentiality and GDPR compliance

Flowdule takes data security seriously. We comply with all GDPR requirements and use bank-level encryption to protect your clients' sensitive information.

Security First

Security is our highest priority

Protect your clients' confidential information

As a psychologist, you work with some of the most sensitive information available. Trust is the foundation of your work, which is why we have built Flowdule with security as the absolute top priority. All data is encrypted both in transit and at rest. Our servers are located in Denmark and comply with all Danish and European legal requirements. You can feel confident that Flowdule protects your clients' confidentiality.
Security Features

Advanced security at all levels

Bank-level protection

256-bit SSL Encryption

All data is encrypted using AES-256 encryption - the same standard banks use.

Danish Servers

Data is stored on servers in Denmark at certified data centers with ISO 27001.

Two-Factor Authentication

Extra layer of security when logging in with SMS or authenticator app.

Access Control

Detailed control over who can see and edit what. Perfect for clinics.

Audit Logs

All actions are logged. See exactly who accessed what data and when.

Automatic Backup

Daily backups to secure locations. Your data will never be lost.

GDPR Compliance

Full GDPR compliance

All the tools you need

Consent Management

Collect and manage client consent for data processing and communication.

Right of Access

Clients can request to see all data you have about them - easily exported.

Right to Erasure

Permanently delete all client data with one click when required.

Data Portability

Export all client data in a machine-readable format (JSON/CSV).

Data Processing Agreement

We offer a clear data processing agreement that meets all GDPR requirements.

Data Breach Procedures

Clear procedures and notifications in the unlikely event of a data breach.

Certifications

Certified and Audited

Independent verification of our security

International Standards ✓ ISO 27001 certified data center ✓ SOC 2 Type II compliance ✓ GDPR compliant by design ✓ Regular security audits ✓ Quarterly penetration testing ✓ Bug bounty program We take security so seriously that we invite independent experts to test our systems continuously.
Danish Legal Requirements ✓ Authorization Act §21 (confidentiality) ✓ Health Act §42a (journaling) ✓ General Data Protection Regulation (GDPR) ✓ Data Protection Act ✓ Danish Health Data Authority guidelines ✓ Danish Data Protection Agency guidelines Flowdule is designed to comply with all relevant Danish laws for psychologists.
How We Protect Data

Multiple layers of security

Defense in depth strategy

1

Encryption on input

Data is already encrypted in your browser as you type using TLS 1.3

2

Secure transmission

Data is sent encrypted over the internet - no one can read it in transit

3

Encryption at rest

Data is stored encrypted on disk with AES-256 - even with physical access to servers, no one can read it

4

Access control

Only authorized users with correct login can decrypt and view data

5

Audit logging

All attempts to access data are logged and can be audited

Technical Details

In-depth security information

For the technically inclined

**Encryption Specifications** Transport Layer Security (TLS): - TLS 1.3 protocol - Perfect Forward Secrecy - A+ rating on SSL Labs Data-at-Rest: - AES-256-GCM encryption - Unique encryption keys per tenant - Hardware Security Module (HSM) for key management Database: - Transparent Data Encryption (TDE) - Column-level encryption for sensitive fields - Encrypted backups

"Security is not a feature - it's the foundation of how we build software. Our clients trust us with their most sensitive data, and we take that responsibility extremely seriously."

Lars Pedersen

Chief Security Officer • Flowdule

Security FAQ

Questions about security

Answers to common security questions

Do you have more security questions?

Contact our security team

Contact SecurityRead More About GDPR