Because we care...

PSOhub Security & Trust Center 

Built for peace of mind — powered by Mendix, AWS & OpenAI 

At PSOhub, data security, privacy, and compliance are core to how we design, build, and operate our platform. 

We deliver our software exclusively as a cloud-based SaaS solution, built on the Mendix low-code platform, hosted securely on Amazon Web Services (AWS), and enhanced with OpenAI for optional AI-powered capabilities. 

Our Security Foundation 

PSOhub’s architecture inherits the world-class security standards of our technology partners:  
 

Infrastructure Layer

Provider: Amazon Web Services (AWS)

Key Certifications & Controls

Certification logos: AICPA, SOC 2, AICPA SOC 3, PCI Level 1, CSA STAR

- Multi-AZ redundancy
- DDoS protection
- Encrypted storage (RDS & S3) 
- Continuous monitoring

Application Platform Layer

Provider: Mendix

Key Certifications & Controls

Certification logos: AICPA, HIPAA, PCI Level 1

- Annual third-party audits
- Continuous ISMS monitoring

AI Layer (Optional)

Provider: OpenAI

Key Certifications & Controls

Certification logo: SOC 2

- GDPR-compliant data handling
- No model training on PSOhub data
- Customers must sign the OpenAI Data Use Agreement before activation. 

Application & Data Management 

Provider: PSOhub

Key Certifications & Controls

- Role-based access control
- Data encryption
- Incident response plan
- GDPR/Data Act-compliant data export & deletion procedures

 Shared Responsibility Model 

Security is a shared effort between PSOhub and our technology providers.

AWS

AWS secures the physical data centers, networking, and storage infrastructure (“security of the cloud”).

Mendix

Mendix secures the application platform, including authentication, encryption, and runtime management.

PSOhub

PSOhub secures how the software is built, configured, and operated (“security in the cloud”).

OpenAI

OpenAI provides secure AI services via API. PSOhub ensures no personal data is sent unless explicitly approved by the customer.

This layered approach ensures enterprise-grade protection while allowing flexibility and transparency for our customers.

Data Encryption & Protection

Encryption in transit

All data between users and PSOhub runs through HTTPS/TLS 1.2+ (end-to-end encrypted).

Encryption at rest

All application and file data stored in AWS RDS and S3 is AES-256 encrypted by default.

Optional end-to-end encryption modules

Mendix offers additional AES encryption modules for sensitive data sets.

Access control

Fine-grained role-based permissions down to entity and field level.

Defense in depth

Multi-layer security model combining infrastructure, application, and governance controls.

Responsible AI (OpenAI Integration)

Some PSOhub features use OpenAI technology to improve productivity and insight.

  • Activation requires explicit customer consent via a separate OpenAI Data Use Agreement.
  • No customer data is used to train OpenAI models.
  • Data is processed securely under GDPR and SOC 2 controls.
  • Customers can disable or delete AI-related data at any time.

We integrate AI responsibly — always transparent, optional, and privacy-first.

Compliance & Privacy

PSOhub adheres to European and international standards for privacy and cybersecurity:

GDPR / AVG

Full compliance as Data Controller. Mendix acts as Data Processor; DPA available.

EU Data Act (2025)

Data portability, transparent export, and cloud exit rights built into PSOhub.

NIS2

Proactive alignment with security governance, incident response, and risk management principles.

HIPAA / NEN 7510 (via Mendix)

Ensures compatibility for healthcare-related use cases.

ISO 27001

Readiness (PSOhub) – internal security roadmap towards certification in 2026.

Continuous Auditing & Monitoring

 

Annual third-party audits

Mendix and AWS undergo yearly SOC 1/2, ISO, and PCI DSS assessments.

24/7 platform monitoring

Automated detection of vulnerabilities and anomalies.

Security incident management

Documented process to notify affected customers within 24 hours.

Penetration testing

Regular external and internal tests to identify and resolve vulnerabilities.

ISO 27001 readiness (PSOhub) 

Internal security roadmap towards certification in 2026.

Data Residency & Sovereignty

  • Data is hosted in EU-based AWS data centers.
  • Mendix and AWS follow strict data-location guarantees — data is never moved outside the selected region without explicit consent.

Sub-Processors & Transparency

We maintain Data Processing Agreements (DPAs) with all our key partners:

AWS

Infrastructure & storage provider (Dublin/Frankfurt).

Mendix

Application platform provider (Netherlands).

OpenAI

AI provider (via API, optional).

A current list of sub-processors and their regions is available on request.

Summary

PSOhub delivers a secure, reliable, and transparent SaaS platform — leveraging the combined compliance of AWS, Mendix, and OpenAI, while maintaining strict control over data access, encryption, and privacy. 

With continuous auditing, ISO-aligned processes, and clear customer agreements, we ensure your business data remains protected — always.