This page provides detailed information about the security measures
implemented in the d‑basics data extraction service.
Security d‑basics Collector and d‑basics Portal
The sections below describe how security is integrated into the design of d‑basics Collector and d‑basics Portal:
Security d‑basics Collector
The tables below outline various security aspects of d‑basics Collector v2 and Collector Online, highlighting the key differences.
Location of software and data processing
This section compares where the software is deployed and
where data is processed for both deployment options.
| | d‑basics Collector v2 (on-premises) | Collector Online (SaaS) |
|---|---|---|
| Deployment option | On-premises | SaaS (Online) |
| Is software installation required? | Yes | No |
| Software installation location | Client’s environment | d‑basics datacenter environment (Europe) |
| Data processing location | Client’s environment | d‑basics datacenter environment (Europe) |
Connection to the accounting software database
This section outlines access requirements and how secure
connections are established for each option.
| | d‑basics Collector v2 (on-premises) | Collector Online (SaaS) |
|---|---|---|
| Access rights (database/API) | Read-only access to the accounting database | Read-only access via the accounting software’s API |
| User account (database/API) | Preferably a dedicated database user account used only by d‑basics Collector | Preferably a dedicated API user account used only by d‑basics Collector |
| Secure connection | Within the LAN; the ability to establish a secure connection depends on the database type and the client’s configuration | Via WAN (internet) to the accounting software’s API; the security type depends on the online accounting software/API |
Access to Collector software
This section covers how users access the software and which
authentication controls apply.
| | d‑basics Collector v2 (on-premises) | Collector Online (SaaS) |
|---|---|---|
| User account management | User accounts can be managed by the client via the d‑basics Portal | User accounts can be managed by the client via the d‑basics Portal |
| Access to user interface | Open in a web browser via an internal URL | Open in a web browser via the d‑basics Portal |
| Multi-factor authentication (MFA) | Logins currently require a username and password. MFA is planned as an optional feature. | Logins require a username, password, and a whitelisted IP address. Additional MFA methods are planned. |
Data storage d‑basics Collector
This section covers how d‑basics Collector stores the data that is processed by the software.
| | d‑basics Collector v2 (on-premises) | Collector Online (SaaS) |
|---|---|---|
| Type of database | SQLite database, file-based, no installation required | SQLite database, file-based |
| Protection of data in database | Data is encrypted using AES-256 and requires a password for access | Data is encrypted using AES-256 and requires a password for access |
| Availability of database | Stored in the installation folder of d‑basics Collector. As the software runs as a service, the database remains continuously connected | Available only during an active data extraction task. When idle, the database is stored in encrypted storage |
| Data retention | Each extraction session overwrites previous session details. Accumulated information and send history per session are retained until the session is deleted. The number of sessions to keep can be set by the client; older sessions are deleted automatically | Each extraction session overwrites previous session details. Accumulated information and send history per session are retained until the session is deleted. The number of sessions to keep can be set by the client; older sessions are deleted automatically |
| Backup of database | Client is responsible for backing up the d‑basics Collector database | Databases are backed up by d‑basics. Retention period is 26 weeks |
| Deletion of database | When d‑basics Collector is no longer used, the client must uninstall the software and manually delete the database | Databases are automatically deleted 30 days after the Collector Online subscription expires |
Storage and upload of data files
This section covers how d‑basics Collector stores and transmits data files.
| | d‑basics Collector v2 (on-premises) | Collector Online (SaaS) |
|---|---|---|
| Storage of data files | After importing and validating data, files are stored in AES-256 encrypted storage. New files overwrite those from the previous session. | After importing and validating data, files are stored in AES-256 encrypted storage. New files overwrite those from the previous session. |
| Upload of data files | If the recipient supports automatic upload, files are sent over a secure connection. The type of security depends on the recipient. Files are uploaded directly without passing through d‑basics-managed systems. | If the recipient supports automatic upload, files are sent over a secure connection. The type of security depends on the recipient. |
| Copy of data files | Files can be saved to disk. The client is responsible for deletion, backup, and access management. | d‑basics Collector can upload files to the d‑basics Secure File Share. Uploaded files can be downloaded by client and recipient via the d‑basics Portal. Files in Secure File Share are AES-256 encrypted and retained for 30 days before automatic deletion. |
| Deletion of file storage | When d‑basics Collector is no longer used, the client must uninstall the software and manually delete stored files. | Files are automatically deleted 30 days after the Collector Online subscription expires. |
Security d‑basics Portal
The table below outlines various security aspects of d‑basics Portal.
| | d‑basics Portal v2 (on-premises) |
|---|---|
| Portal location | https://online.d‑basics.com - hosted in d‑basics datacenter environment (Europe) |
| Data processing location | d‑basics datacenter environment (Europe) |
| User account management | User accounts can be managed by the client via d‑basics Portal |
| Multi-factor authentication (MFA) | Logins require a username, password, and a whitelisted IP address. Additional MFA methods are planned. |
| Information processed by d‑basics Portal | - client contact and subscription information, including client users<br>- technical log information<br>- Collector Online databases<br>- d‑basics Secure File Share files |
| Tasks that d‑basics can perform via d‑basics Portal | - automatically deploy updates of d‑basics Collector software<br>- manage subscriptions and client contact information<br>- analyze technical log information<br>- manage the settings of d‑basics Collector (on-premises and SaaS)<br>- connect to d‑basics Collector (on-premises) using Remote Collector functionality (requires client approval)<br>- connect to d‑basics Online (requires client approval)<br>- check if d‑basics Collector v2 (on-premises) is running and restart the d‑basics Collector v2 services that are running in the client environment<br>- trigger data extraction tasks |
| Data retention | - Client contact information, including user details, is automatically deleted 90 days after the d‑basics Collector subscription expires<br>- Technical log information is automatically deleted after 90 days<br>- Collector Online databases are automatically deleted 90 days after the d‑basics Collector subscription expires<br>- d‑basics Secure File Share files are automatically deleted 30 days after upload |
ISO certification
d‑basics operates in accordance with
the ISO/IEC 27001:2022 standard for information security
management and the ISO 9001 standard for quality management.
These internationally recognized frameworks ensure that data security
and service quality are embedded in every aspect of our operations.
Among the measures that d‑basics implements
to maintain security and drive continuous improvement are:
- Annual External Audit
  Our ISMS and QMS are audited annually by an accredited, independent body to ensure ISO compliance.
- Annual Penetration Testing
  All d‑basics software, including Collector Online and the d‑basics Portal, undergoes yearly penetration testing by certified security specialists. This ensures that potential vulnerabilities are identified and remediated promptly.
- Risk Management and Continuous Improvement
  In line with ISO 27001 requirements, we perform regular risk assessments, apply security controls, and monitor their effectiveness. This proactive approach helps us maintain a secure environment for data processing and transmission.
- Access Control and Data Protection
  Strict access management, encryption (AES-256), and secure communication protocols are enforced to protect sensitive data throughout its lifecycle.

By adhering to these standards and practices, d‑basics ensures a safe, reliable, and high-quality environment for all services, including Collector Online and the d‑basics Portal.