Clean & Elegant
Fully Responsive

Double checking is better
DRACOON’s certifications and quality seals

Our cloud service has been developed to be 100% customer-oriented. Nevertheless, it is very important to us to not only score with good words and our convincing team. External institutions also evaluate and certify our success product DRACOON. That way we ensure maximum data security for our customers.



The BSI's Cloud Computing Requirements Catalogue (C5) defines requirements and obligations that a cloud provider must meet in order to implement a high standard of information security. The catalogue of requirements extends the recognised ISO 27001 standard to include further aspects relevant to a cloud provider and sets out minimum requirements. This catalogue of requirements may only be tested by an auditor as an independent third party. The auditor prepares a detailed audit report that covers all aspects of information security in a company. Customers thus receive confirmation that information security has been tested in detail by an audited cloud provider and that it is at a high level.

In this context DRACOON was audited and successfully certified by the auditing company PricewaterhouseCoopers (PwC).

Click here for futher information on BSI C5.


ISO/IEC 27001:2013-Certificate

ISO/IEC 2700 is an internationally recognized standard that certifies that a company has successfully implemented and applied an information security management system (ISMS). An ISMS controls and monitors all information of a company and defines instructions on how to deal with information worthy of protection. The ISO certificate helps customers to find a service provider that complies with information security regulations and thus protects the customer's information.ISO/IEC 27001 is the internationally leading norm for information security management systems.

Click here for further information on ISO/IEC 27001.


IDW PS 951

Through outsourcing and cloud computing, companies today have the opportunity to outsource processes and thereby streamline their structures. However, responsibility for these processes remains with the companies. For this purpose, an auditor can carry out extensive audit procedures of his own or simply fall back on an audit report according to IDW PS 951 ("Audit of the internal control system at the service company for functions outsourced to the service company"). The IDW PS 951 is a proof for the adequacy and effectiveness of the internal control system. This has the advantage for you that recurring inspections can be avoided or restricted in their scope, liability risks can be reduced and an increase in efficiency can be achieved during the inspection.

In this context, DRACOON was audited and successfully certified by PwC, the leading auditing and consulting company in Germany.

We will be happy to provide you with the audit report on request.


Software Made in Germany

The seal "Software Made in Germany" is an initiative of the Bundesverband IT-Mittelstand (BITMi e.V.) and is awarded to companies from Germany that combine first-class service, quality and sustainability:

  • The producer of the software is a company based in Germany and the essential production steps of the software are carried out in Germany
  • The user interface, the help system, the documentation and the service and support services are multilingual or in German for the end user
  • The software is investment safe and the further development of the software is contractually guaranteed

Software Hosted in Germany

The "Software Hosted in Germany" seal is an initiative of the Bundesverband IT-Mittelstand (BITMi e.V.) (German Association of IT SMEs) and awards software that can be used via the Internet and that takes German data protection law and other criteria into account.

  • The software and the data are hosted in a computer center in Germany
  • The software and personal data do not leave Germany unless the customer requests this
  • The use of services which transmit non-personal data abroad must be clearly pointed out to the user or client
  • The hosting contract is governed exclusively by German law, in particular German data protection law, the German Civil Code (BGB) and the German Commercial Code (HGB)
  • The companies awarded the seal Software Hosted in Germany deposit the respective current standard of their technical and organizational measures with regard to data protection (cf. § 9 BDSG) with BITMi e.V.


Information Services Group (ISG)

With its studies, the Information Services Group (former Experton Group) offers companies valuable assistance in selecting the right business partner. For example, the latest "Cloud Transformation/Operation Services & XaaS ISG Vendor Benchmark 2019" analyzed serious providers in the file-sharing environment for the German market. The current “Enterprise Cloud Filesharing Quadrant” provides users with a well-founded market overview. As part of the independent study, 19 companies were classified as relevant and positioned within the quadrant. In this segment DRACOON received the award as leader.

Click here for further information on the study by ISG.


Validated IT Security by TÜV Hessen

Criteria such as network security, emergency management, data protection and information security, backup systems as well as further training and compliance with in-depth questions were examined as part of the audit by TÜV Hessen.

Click here for further information on TÜV Hessen.

Planned certifications

  • ISO 22301:2014 (Business Continuity Management)
    Certification by TÜV Rheinland planned for Autumn 2020
    ISO 22301 is an internationally recognized standard that certifies that a company has successfully implemented a Business Continuity Management System (BCMS). Companies with a BCMS can react appropriately to failures and interruptions in their business activities in order to be able to resume operations efficiently and safely. This provides customers with a certificate that DRACOON has taken measures to ensure high availability and a targeted management of interruptions.
  • ISO 27017:2015 (Information security for cloud services)
    Certification by TÜV Rheinland planned for Autumn 2020
    ISO 27017 extends ISO 27001 to include information security requirements for cloud operators. Thus DRACOON can prove that these additional requirements are also fulfilled.

  • ISO 27018:2019 (Protection of personal data in cloud services)
    Certification by TÜV Rheinland planned for Autumn 2020
    ISO 27018 extends ISO 27001 to include requirements for the protection of personal data in cloud service providers working on behalf of customers. Thus DRACOON, as a processor of customers with partly sensitive personal data, fulfils all requirements of the ISO in this area as well.

Test DRACOON now

10 users and 10 GB – free forever.
Store and share your data GDPR-compliantly and for an unlimited term!

Test now