Your factory data is safe with us
We understand that production data is sensitive. That's why we built Slimme Fabriek with security-first architecture, strict access controls, and compliance with international standards.
AES-256 Encryption
All data encrypted at rest and in transit with military-grade AES-256 encryption.
Two-Factor Authentication
Optional 2FA for all user accounts. Support for authenticator apps and hardware keys.
Single Sign-On (SSO)
Integrate with Azure AD, Google Workspace, Okta, or any SAML 2.0 / OIDC provider.
Role-Based Access Control
Granular permissions per role: Operator, Team Lead, Maintenance, Admin, Org Admin.
Complete Audit Trail
Every action logged: logins, data access, configuration changes. Export for compliance audits.
On-Premise & Edge AI
Full control with local or private cloud deployment. Run AI models on the edge so sensitive data never leaves the factory.
Compliance & Data Protection
GDPR Compliant
Full compliance with EU data protection
SOC 2 Ready
Controls for security, availability, and confidentiality
Data Sovereignty
All data stored in EU datacenters
Role-Based Access Control
Every user gets exactly the permissions they need—no more, no less.
| Role | Permissions |
|---|---|
| Operator | View alarms, follow training, read SOPs |
| Team Lead | + Team overview, assign alarms, view progress |
| Maintenance | + Equipment health, maintenance tasks, analytics |
| Admin | + User management, content creation, settings |
| Org Admin | + Organization settings, billing, full access |
Data Protection
- End-to-end encryption for all data
- Automatic daily backups with 30-day retention
- Data export on request (GDPR right)
- Full data deletion at contract end
- IP whitelisting option for API access
Multi-Tenant Architecture
- Complete data isolation between organizations
- Separate encryption keys per tenant
- No cross-tenant data access possible
- Individual audit logs per organization
- Configurable data retention policy
IT & Security FAQ
Technical answers for your IT department.
QHow do you ensure OT/IT network separation?
Our Gateway uses two physically separate network interfaces. One for the machine network (OT) and one for the business network (IT), with no routing between them.
QWhere is the data stored?
By default, data is stored in our secure EU-based Azure environment (Frankfurt/Amsterdam). We also offer full On-Premise deployment.
QWhat happens if the internet drops?
The Gateway has local buffering capacity for up to 72 hours of data. Once the connection is restored, data is automatically synced.
QDo you need inbound firewall ports?
No. The Gateway only requires outbound HTTPS (443) and MQTT (8883) connections. No inbound ports need to be opened.
Need more details?
Request our security whitepaper or schedule a call with our security team.