Process & Security
Trust one-pager
How we work

Clear process. Full data sovereignty. No surprises.

Mid-market companies and public-sector organisations need reliability. That is why we are transparent from the start about how a project runs and what happens to your data.

How a project works

  • 1
    Free initial analysis
    ~60 min: We identify the biggest levers, no obligation.
  • 2
    Discovery & proposal
    Clearly scoped pilot, fixed price, milestone plan 40/40/20.
  • 3
    Implementation
    Setup, development & testing: first results after 30 days, live in around 5–6 weeks.
  • 4
    Handover & hypercare
    Documentation, onboarding, emergency runbook, 14 days of fine-tuning.
  • 5
    SLA operations
    Monitoring, updates, and further development on retainer.

Security & data protection

  • GDPR by designPrivacy built in from the first sketch
  • DPA under Art. 28 GDPRready for signature
  • Self-hosted possibleon German servers
  • Data in your own tenantno sharing with third parties
  • Human-in-the-loopcritical steps only with approval
  • EU AI Act preparationgovernance documentation from day one
Contract documents
NDA (bilateral)DPA under Art. 28Retainer / SLA agreement
Minimum retainer term 6 months, cancellation 1 month to end of month. All cloud flows and documentation remain accessible in your tenant; orderly handover and representation possible at any time. Questions about data protection? Simon Glowik · s.glowik@nordflux.de · +49 3841 2890920
NordFlux UG · Process & Securitynordflux.de