Compliances and data protection.

Read more

We are deeply serious about data security.

HereTask aspires to fully comply with all government data security guidelines in our operational regions — to ensure that third parties do not misuse our customers' data.


We always use full TLS, HTTPS and SSL 256-bit security encryption of data in transit.


Logging of all API, user access and application activity on the platform.


Strict procedures for employee access to the production environment and customer data.

Background check

Comprehensive security check on technical staff with personal individual access keys and monitoring at facilities.


European customers only access data from our certified supplier located within the EU regions.

Remote access

Employees are only granted remote access to the platform, and no access is granted for local storage of sensitive data.


The data stored by our services is backed up daily


Hardware reuse is only done by restoring factory settings, and hardware destruction is done according to the market standard.

GDPR compliant

General Data Protection Regulation.

We strictly enforce GDPR and best practices for all our customers, no matter their geographical origin. The regulation is based on EU law and ensures data protection and privacy for all individuals.

The GDPR places obligations on data controllers and processors to ensure that information or communications relating to the processing of personal data be easily accessible and drafted in clear, plain language.

Data processor agreement.

In all our customer relationships, we process personal data on behalf of our customers. In this relationship, our customers are data controllers, and we are data processors.

This means that we and our customers are obliged to enter into a data processing agreement, which in terms of content, must meet the requirements of the GDPR.

HereTask uses guidelines from the Danish Data Protection Agency's standard contract provisions as a data processing agreement. This provides the best starting point to fulfil our joint obligation to enter a valid data processing agreement.