Concentio
Features Pricing Documentation Contact
Login Get Started
Language English Deutsch Français Español Italiano Dansk Português Nederlands

Security and Trust

As a consent management platform, we understand that our customers trust us with sensitive compliance data. Security is fundamental to how we build and operate Concentio.

Our Approach

Concentio is designed with security as a core principle, not an afterthought. While we are an early-stage company and do not yet hold formal security certifications, we have built our platform with strong security foundations from day one.

Tenant Isolation

Every customer account is strictly isolated at the database level using account-scoped queries. There is no shared data space between tenants. All API requests are authenticated and authorized against the requesting account.

Encryption

All data in transit is protected with TLS/HTTPS. Passwords are securely hashed using industry-standard algorithms. Database connections are encrypted.

Authentication and Access

Customer accounts are protected by secure authentication. Our internal support tools require separate authentication and all administrative actions are logged in an audit trail.

Audit Logging

All significant account actions are logged with timestamps, user identification, and action details. Consent records include complete audit trails with visitor identifiers, timestamps, IP addresses, and banner versions.

Payment Security

We do not store credit card information. All payment processing is handled by Stripe, a PCI DSS Level 1 certified payment processor.

Data Residency

Concentio's platform is hosted on Microsoft Azure in EU West (Netherlands). All customer data is stored within the European Union.

What We Are Working On

We are transparent about where we are in our security journey. As we grow, we plan to pursue formal security certifications and expand our security program. Current priorities include: implementing multi-factor authentication for customer accounts; completing a formal penetration test; establishing a vulnerability disclosure program; and pursuing SOC 2 Type II certification. We will update this page as we reach these milestones.

Responsible Disclosure

If you discover a security vulnerability in Concentio, we encourage you to report it responsibly. Please contact our security team at [email protected]. We ask that you give us reasonable time to investigate and address the issue before any public disclosure.

Questions

If you have questions about our security practices or need additional information for your security review, please contact us at [email protected].

Last updated: June 7, 2026