Skip to main content

Celonis Product Documentation

Data Security


The Celonis Intelligent Business Cloud adheres to the highest information security standards in order to protect your data.

Keeping all data safe and reliable is at the core of our service offering and our team is relentless when it comes to preventing possible points of failure.

We continuously look for ways to improve product and platform performance and protect the privacy of your data and your customers' data and preventing it from unauthorized access at all time.

Frequently Asked Questions

Where is the data stored?

Celonis does not store any data itself, it only accesses data from a database server. Data is stored in a Virtual Private Cloud at the AWS or Microsoft Azure Server Locations in Frankfurt, Germany.


Learn more by going to the Celonis Trust Center.

Click here to download our Secure Platform white paper.

How is the data encrypted?

All data transferred to Celonis is always encrypted via HTTPS using TLS 1.2 or higher. Data in the App DB and HDFS is encrypted at-rest. Both are backed up with encrypted backups.

How does data extraction from SAP works?

For the data extraction from SAP, Celonis offers an ABAP report. You simply need to specify a timeframe and a company code and then execute the report in your SAP system. Since this is a standard SAP procedure, your IT Team can assist you with the execution.

Is data anonymization possible?

All personal data is automatically pseudonymized. The pseudonymization takes place directly when the data is extracted from the SAP system in the customer’s network. Pseudonymized data is encrypted using a hash algorithm from the SHA1/2 family and is the state of the art encryption algorithm in SAP.

How does data deletion work?

Celonis is valuing the security and integrity of all data provided by its current and potential customers and other partners. Therefore, you have full control over when you want to delete your data.

What are the Data Protection policies?

Celonis has undertaken significant efforts to ensure our customer’s data is protected, including but not limited to:

  • Appointment of a data protection officer for Celonis SE and its European subsidiaries.

  • Creation and activation of data processing procedures, website policies, a data protection policy and a detailed data protection manual.

  • Regular training of Celonis employees regarding data protection compliance.

  • Completion of supplier audit to ensure supplier agreement are in compliance with GDPR, including in view of any processing activities which may be carried out outside the EEA.

Is Celonis GDPR compliant?

The overall efforts taken by Celonis, including a required self-assessment conducted together with our data protection officer, ensure compliance with GDPR as it came into effect on 25 May 2018. In addition, Celonis has obtained a certification of its information security systems in accordance with ISO 27001, and is ISO 9001:2015 certified.

Which security certificates do you own?

Click here to find and download all Intelligent Business Cloud compliance and certifications.