Data Protection, Security & Compliance

Fabasoft is one of the pioneers in the field of information security and data protection. Our customers benefit from the advantages of the highly developed security level of Fabasoft products and services.

Certified Compliance

Fabsoft is committed to the protection of corporate data. Certifications and audits are part of our commitment to excellence and continuous quality improvement and form the basis for the value we provide to our customers through all of the processes, programs, products and solutions we offer.

Certifications and Audits

Obligatory security

With the adoption of the Fabasoft Guideline for Information Security as part of Fabasoft's overall strategy, Fabasoft is placing data protection and information security on a binding level. The Guideline for Information Security communicates the importance of information security, Fabasoft's information security goals, the organization of information security management, security measures taken and the continuous improvement efforts in the area of information security.

Fabasoft Guideline for Information Security

Active data protection

Data protection is a particularly high priority at Fabasoft Group. Fabasoft AG and its subsidiaries are committed to protecting information and in particular personal data. You can read about how we process and protect personal data from external persons and companies in the Fabasoft data protection declaration.

Fabasoft Privacy Statement

Responsible action

The Fabasoft Code of Conduct defines the requirements and principles for cooperation with contractors and forms the basis for reasonable and harmless behavior. As Fabasoft's business partners, Contractors accept the "Fabasoft AG Conditions of Purchase for Fabasoft and its subsidiaries" and all associated agreements, including the Fabasoft Code of Conduct for Contractors.

Fabasoft Code of Conduct for Contractors

Framework Agreement for Internal Data Processing within the Fabasoft Group

There are different interfaces and data processing steps within the Fabasoft Group, in which the different individual personal data processing services are carried out among the companies within the group. The regulations defined in the “Framework agreement for internal data processing within the Fabasoft group” reflect the respective roles of the companies of the Fabasoft Group as joint controllers in a transparent manner pursuant to Art. 26 GDPR or as controller and processor pursuant to Art. 28 GDPR as well as the lawful form of this legal relationship, in particular in compliance with the regulations of the GDPR or the respective national data protection regulations. In the case of a breach of the framework agreement and/or applicable data protection provisions, Fabasoft International Services GmbH, FN 271303a, Honauerstraße 4, 4020 Linz, has undertaken to assume liability for claims by a data subject. Thus, a place of jurisdiction within the EU is available to the data subjects for the assertion of their rights.

The Framework Agreement in the valid version is available as download under the following link: Framework agreement für Internal Data Processing


The new standard contractual clauses (SCC) both for data transfers to controllers, to processors and to sub-processors in third countries are mandatory from 07th September 2021 for new data processing contracts to be concluded. From 07th December 2022, these are also binding (retroactively) for existing contracts. The new standard contractual clauses (SCC) can be found under the following link: EUR-Lex - 32021D0914 (