Security & GDPR
How we keep your VDE data safe
Most of our customers are German electrical shops, property managers, and audit-bound contractors. Their compliance officers ask the same questions before signing — here are the answers in one place.
[Placeholder — review with Anke (GDPR) before publishing. Replace any AI-drafted copy with vetted text.]
EU-hosted, German jurisdiction
All customer data is stored on servers physically located in the European Union. The contracting entity (onstruc UG) is based in Germany and bound by German data-protection law.
Encryption in transit and at rest
All connections to the API and webclient use TLS 1.2+. Cloud storage is encrypted at rest. PDFs generated cloud-side inherit the same protections.
Workspace access control
Each workspace has Admin / Member / Viewer roles. Members only see what their role allows; Admins can audit role changes and user assignments.
Data retention defaults
Active accounts retain all data indefinitely. Trial accounts retain everything created during and before the trial unless the user explicitly deletes it.
Account deletion on request
Email support@sparkify.cloud and we'll permanently delete your account, projects, photos and PDFs within 30 days, in line with GDPR Art. 17.
Audit-friendly reports
Generated VDE PDFs include timestamp, signing party and project metadata — designed to satisfy ZVEH and prüfsachverständige expectations.
GDPR / DSGVO posture
Sparkify processes personal data (electrician name, customer name, photos, signatures) on a contract-execution legal basis (Art. 6(1)(b) GDPR). Data is processed only to deliver the service and produce reports. No data is shared with advertisers.
Read the full privacy policy → · Contact our data protection officer →
Need a custom DPA or vendor-security questionnaire?
We're happy to walk through your compliance template on a 15-min call. Most multi-user shops finish vendor onboarding in one session.
Book a demo →