mc Trust

mc Trust is the central point of contact to give a transparent overview of measures we take to meet regulatory compliance and protect our systems, secure customer data, and ensure the reliable operation of our services. The information provided showcase the way we adhere to state of the art security standards and regulations and secure our services and products.

You want to report a potential security incident, a vulnerability, or you just have a question about our security? Find the right contact details for our cybersecurity teams here.

meteocontrol meets regulatory requirements while continuously improving processes to provide customers with the highest level of assurance regarding data integrity, security, and governance. We follow established standards and proven best practices to ensure a consistent and reliable compliance framework. This is supported by the implementation of effective control mechanisms, including regular audits and structured internal review processes that validate ongoing compliance with all applicable requirements. Beyond that, we have a company-wide culture of responsibility, transparency, and careful handling of sensitive data. With this approach, we ensure that both legal obligations and customer-specific requirements can be reliably met.

Physical access control

Physical access to our data centers is restricted to authorized personnel only and secured through multiple layers of protection, including multi-factor authentication.

Data location / residency

All data is exclusively hosted and processed within the European Union, with our infrastructure located in Germany. This ensures that your data remains protected under strict EU and German data protection regulations, including the General Data Protection Regulation (GDPR).

Our data centers are strategically chosen to provide both high availability and strong legal safeguards. By operating entirely within Germany, we benefit from one of the world’s most robust privacy frameworks, giving our customers confidence that their data is handled in accordance with stringent legal and regulatory requirements.

In addition, all hardware used in our infrastructure is fully owned and operated by our company. We do not rely on third-party cloud providers for core data storage or processing. This ownership model allows us to maintain complete control over the physical infrastructure, enforce consistent security standards, and minimize exposure to external risks.

Data center reliability & security

Our data center is built to ensure high availability, strong physical security, and reliable operations:

• Certified Standards – ISO 27001 and DIN EN 50600 compliant
• High Availability – Availability Class 3 for resilient, continuous operation
• Physical Security – Protection Class 3 to safeguard against unauthorized access
• Energy Monitoring – Granularity Level 2 for detailed energy tracking and efficiency
• Fire Protection – Gas-based fire suppression system for rapid, damage-free response
• Power Resilience – Uninterruptible power supply (UPS) and emergency generators ensure continuous power
• 24/7 Monitoring – Video surveillance for continuous security oversight

Availability

Our services are built on a redundant and scalable architecture to ensure high reliability. We have maintained an availability of over 99.9% over the past five years, with systems continuously monitored 24/7 to quickly detect and address any disruptions.

Infrastructure security

Our infrastructure is protected through multiple security layers, using controls such as network segmentation, intrusion detection (NIDS), and Distributed-Denial-of-Service-Angriff (DDoS) protection to safeguard systems and availability.

Explore the security features of our products, designed with a Secure Development Environment, secure coding standards, and structured vulnerability treatment processes aligned with our Cyber Security Management System (CSMS).