Enterprise Trust

Security, privacy & compliance center

OpenDPP is built to align with the principles of ISO 27001 & SOC 2. By running on industry-leading EU cloud hosts and applying strict privacy policies, every Digital Product Passport (DPP) is securely stored, sealed, and signed to help you meet your EU regulatory obligations.

Infrastructure & hosting

Certified EU infrastructure providers

OpenDPP runs on certified digital infrastructure providers within the European Economic Area. The certifications below are held by those providers (Google Cloud, Neon); OpenDPP inherits their security and data-residency controls. OpenDPP is itself built to align with the principles of ISO 27001 & SOC 2, with formal certification on our roadmap.

Google Cloud Platform

Compute & application layer in europe-west1 (Belgium). Active compute nodes reside within EU borders, inheriting Google Cloud's physical security, biometric access restrictions and hardware lifecycle protections. Google Cloud holds ISO 27001, SOC 2 Type II and SOC 3 certifications and supports GDPR-aligned EU data residency.

Neon PostgreSQL

Database & storage layer in eu-central-1 (Frankfurt). Registry data is logically isolated, encrypted at rest with AES-256 keys and in transit over TLS 1.3. Neon holds ISO 27001:2022, ISO 27701:2019 and SOC 2 Type II certifications and supports GDPR-aligned EU data residency (AWS-hosted).

EU sovereign boundaries

The OpenDPP application and database layer — application nodes, API gateways, database engines and backup systems — runs within the European Union (Belgium and Germany), so your passport data stays EU-hosted. Some functions rely on third-party sub-processors (e.g. Stripe for billing, Firebase / Google for authentication, Iubenda and Google Analytics), which may process limited data under their own terms.

End-to-end encryption

Circularity data, manufacturer metadata and verification events are encrypted in transit with modern TLS 1.3 cryptographic suites and at rest with industry-standard AES-256 encryption.

Review the providers' compliance evidence directly: Google Cloud Compliance Portal · Neon Trust Center

Privacy by design

GDPR & consent management

OpenDPP enforces user privacy rights under the EU General Data Protection Regulation (GDPR) and the ePrivacy Directive.

Active script blocking

We integrate a compliant Iubenda cookie banner that performs automatic cookie and script blocking. Tracking scripts (including Google Analytics) are dynamically held back and only executed after the visitor grants explicit, granular consent.

Privacy-by-default core

No trackers are loaded on the JSON-LD data layers served to machine crawlers and search-engine indexing bots, maintaining a clean, data-efficient compliance resolver.

Audit logging

Access-log anonymization

While OpenDPP logs query events in the AccessAuditLog to audit passport integrity, it prevents the accumulation of personally identifiable information (PII) through strict IP anonymization.

  • IPv4 masking (subnet zeroing)The host identifier is stripped by zeroing the last octet — 192.168.1.123 is recorded as 192.168.1.0 — making it non-traceable to an individual.
  • IPv6 truncation (/48 masking)IPv6 connections are truncated with a /48 subnet mask, retaining general regional metadata for legal compliance while scrubbing unique device and interface identifiers.
Access control

Enterprise SSO & granular access control

OpenDPP is engineered for corporate environments. A fine-grained, secure access-control layer integrates with standard enterprise directory systems while keeping supplier operations isolated.

  • Enterprise Single Sign-On (SSO). Connect existing corporate Identity Providers (IdPs) such as Okta, Keycloak, Ping Identity or Azure AD. We dynamically verify signatures on OIDC tokens using JWKS endpoints for stateless, cryptographically secure verification.
  • Granular Permission-Based Access Control (PBAC). Avoiding broad, insecure roles, OpenDPP runs a precise permission check on every endpoint query, supporting 8 specialized roles — including dedicated Compliance Officers (eIDAS key operations) and Surveillance Officers (read-only verification audits).
  • Row-level supplier isolation (anti-competitor probing). Facility Agents representing external suppliers are restricted to their assigned operator identifiers. The node programmatically blocks cross-operator requests at the API gateway, preventing industrial espionage or competitive data leaks.
NIS2 alignment

NIS2 directive & supply-chain integrity

The EU NIS2 Directive (Network and Information Systems Directive 2) places critical emphasis on the security and resilience of digital supply chains. OpenDPP is designed to align with these demands through structured infrastructure controls.

UNTP supply-chain trace verification

OpenDPP supports NIS2 Article 21-aligned supply-chain integrity controls by cryptographically verifying custody transfers and transaction events. Ingested events are wrapped inside signed, VC-shaped UNTP credentials following the UN Transparency Protocol (UNTP), resolving publisher DIDs and, where the node is configured with eIDAS trust anchors, validating x5c certificate chains against them.

By building on Google Cloud and Neon Postgres, OpenDPP runs on infrastructure that meets standard supply-chain risk requirements. Both providers are widely-trusted digital services — localized in the EU (GCP Europe / AWS Europe) with GDPR-aligned data-residency controls.

— Built on certified EU infrastructure
Shared responsibility

The shared responsibility model

Robust security requires a collaborative division of tasks between our underlying infrastructure hosts and the OpenDPP application layers.

Infrastructure hosts

GCP & Neon. Physical security (biometric gates, surveillance, 24/7 guards, perimeter fencing), hardware and hypervisor isolation, and high-capacity DDoS protection with edge rate limiting and backbone filters.

Cryptographic eIDAS signing

OpenDPP application layer. Secure custody of asymmetric ECC signing keys, encrypted per-tenant in PostgreSQL (the VaultKey table) and bound to each tenant as GCM additional authenticated data.

OIDC SSO & granular PBAC

OpenDPP application layer. Enterprise SSO via JWKS verification, mapping 8 standard platform roles to fine-grained permission scopes, and enforcing strict row-level supplier boundaries for Facility Agents.

Input validation & schema matching

OpenDPP application layer. Automatic verification of JSON-LD structures to prevent payload injection and maintain registry conformance.

Continuity

Built so your passports outlive any one party

ESPR Article 11(e) requires a Digital Product Passport to stay available for the product's expected lifetime — even after an operator's insolvency, liquidation or cessation of activity. OpenDPP is designed so your passport data survives an operator change, and so you can leave with everything you put in.

  • Recoverable EU hostingPassports run on managed EU PostgreSQL (Neon) with point-in-time restore; per-tenant signing keys are encrypted at rest with AES-256-GCM and never leave the vault.
  • Persistence by designArchiving an operator or workspace does not delete its passports — they stay publicly resolvable through a configurable retention window (15 years by default), and the database refuses to cascade-delete a passport when an operator is removed.
  • Full-fidelity export, on demandExport your entire workspace — operators, facilities, passports, version history, battery units and events — as machine-readable NDJSON with secrets stripped. Your data is portable and yours to take at any time (GDPR Article 28(3)(g)).
  • Single EU region, stated plainlyOpenDPP runs in one EU region today. We don't claim multi-region failover or a recovery-time guarantee — we'd rather state that plainly than imply resilience we haven't built.

A contractual continuity commitment — a data-escrow or successor arrangement so your passports survive even a provider wind-down (ESPR Article 11(e)) — is in progress and will ship with our Data Processing Agreement.

— On our roadmap, not yet contractual

Built for EU compliance, secured by design.

See how OpenDPP issues signed, EU-hosted Digital Product Passports your auditors can trust.

Book a demo
Key takeaways

OpenDPP is built to align with the principles of ISO 27001, SOC 2 and NIS2, and runs on ISO 27001 / SOC 2 Type II-certified infrastructure (Google Cloud + Neon); formal certification of OpenDPP itself is on our roadmap. It incorporates GDPR privacy controls such as explicit Iubenda cookie banner consent management and automated IP address anonymization in access logs.

OpenDPP Security & GDPR Compliance · Last reviewed