Enterprise-grade security for your Business Central environment. GDPR and Swiss nFADP compliant by design.
SOC 2 Type II and ISO 27001 audits are on the 2026 roadmap.
Zentriq is built for teams that handle sensitive financial and procurement data inside Microsoft Dynamics 365 Business Central. Security is not an afterthought, it is embedded in every layer of the product, from architecture to user experience.
Zentriq fully complies with the EU General Data Protection Regulation. We process personal data only as necessary to provide the service, with clear legal bases for each processing activity. Users can request data export or deletion at any time.
As a Swiss sole proprietorship (Zentriq Software), we comply with Switzerland's new Federal Act on Data Protection (nFADP / nLPD / nDSG), effective September 2023. This includes data minimization, purpose limitation, and privacy by design principles.
Zentriq runs entirely in the EU: the application, the database, and all AI processing are hosted in Frankfurt, Germany. Your Business Central data is accessed through your own Microsoft sign-in and processed in Europe; any data we keep (conversation history) is stored encrypted in the EU. Your ERP data is never used to train any AI model.
All data is encrypted in transit and at rest. Sensitive values such as access tokens are stored encrypted and are never exposed in logs or error messages.
We never sell or share your business data. Our AI provider processes queries without retaining your data, and no analytics trackers have access to your ERP information. We only rely on the infrastructure subprocessors needed to run the service, the full list, with names and regions, is in our Subprocessors list.
The Zentriq Agent never creates, modifies, or deletes records without explicit user approval. Every write action requires confirmation before it is executed. You stay in full control of what changes are made in your Business Central environment.
Zentriq connects through your own Microsoft sign-in (Entra ID), we never see or store your password, and we never ask for admin credentials. Access follows your own Business Central permissions and is scoped to the minimum each task needs, no elevation, no backdoors.
We follow SOC 2 Type II-aligned security practices including access control, change management, incident response procedures, and regular security reviews. Infrastructure monitoring, automated alerts, and audit logging are built into our platform.
If you have questions about our security practices, need a Data Processing Agreement (DPA), or want to discuss compliance requirements for your organization, please reach out.
Free plan available. No credit card required.