Security
Security, reliability and compliance for professional EV charging operations.
Reliable by design
The Plugchoice platform runs on a Kubernetes cluster with automated failover across multiple EU data centers. Built for always-on operation.
Redundant infrastructure
Kubernetes orchestration with multi-node clusters and automated pod rescheduling. Fallback servers across multiple EU data centers ensure geographic redundancy.
Continuous monitoring
Infrastructure and application health monitored 24/7. Anomalies detected and flagged before they affect operations.
Automated backups
Data backed up automatically on a regular schedule. Recovery procedures tested to ensure data integrity.
Zero-downtime deployments
Rolling updates via Kubernetes ensure zero-downtime deployments. Maintenance is scheduled and transparent.
Incident response
Defined incident response process for detection, triage and resolution. Post-incident reviews drive continuous improvement.
Infrastructure
Plugchoice runs on DIN ISO/IEC 27001:2022-certified cloud infrastructure with data centers across Europe. Independently audited by SOCOTEC annually.
DIN ISO/IEC 27001:2022
Our hosting provider's Information Security Management System is certified under DIN ISO/IEC 27001:2022 by SOCOTEC Certification, covering all data center parks used by Plugchoice.
Kubernetes cluster
Multi-node Kubernetes cluster with automated scaling, self-healing pods and rolling deployments. Container orchestration ensures consistent, reproducible infrastructure.
EU data centers
Primary and fallback servers distributed across multiple EU data centers. All data stays within the European Union.
100% renewable energy
All data centers powered by certified hydropower. Average PUE of 1.13, zero water cooling.
DDoS protection
Hardware-based DDoS filtering appliances with automated detection and mitigation. Protects the platform and all connected services.
Physical security
Video-monitored perimeter fencing, electronic access control terminals, 24/7 surveillance and on-site personnel at all data center locations.
Security measures
Security is built into every layer of the platform. These are the practices and controls we apply to protect your data and operations.
Encrypted communications
All data in transit encrypted using TLS 1.2+. Sensitive data at rest encrypted with AES-256. Certificate management automated via Let's Encrypt.
Security reviews
Regular security reviews of codebase and infrastructure to identify and address vulnerabilities.
GDPR-aligned data handling
Personal data processed in accordance with GDPR principles. Data minimization, purpose limitation and transparency built into every process.
Automatic security updates
Dependencies and infrastructure components kept up to date. Security patches applied promptly across the cluster.
Multi-factor authentication
MFA adds an extra layer of protection to user accounts beyond passwords.
Role-based access control
RBAC controls who can view, configure or administer chargers and locations. Principle of least privilege enforced.
Audit logging
All actions within the platform logged for accountability and compliance. Full audit trail per charger and per location.
Privacy & data
Your data belongs to you. We handle it with care and transparency.
Data ownership
Customer data belongs to the customer. You retain full ownership of all data you create or upload to the platform.
Data minimization
We collect only the data necessary to provide our services. No unnecessary tracking, no selling of data.
Retention & deletion
Data retention follows clear policies. You can request deletion of your data at any time.
Subprocessors
We maintain a list of subprocessors involved in data processing. Available on request.
Compliance
- GDPR-aligned data handling across all services
- DIN ISO/IEC 27001:2022-certified hosting infrastructure
- Internal security policies and access controls
- Regular security reviews and testing
- Incident response procedures in place
- Data processing agreements available
- All data hosted within the European Union
Need security details for a tender?
We can provide documentation, answer questionnaires and schedule security briefings.