View Cobrainer GmbH's compliance certifications, resources and subprocessors

Cobrainer Trust Center

The purpose of this Trust Center is to provide customers, stakeholders, and regulators with a clear and accurate overview of the information related to security, privacy and infrastructure practices at Cobrainer, and how AI is used within the Cobrainer platform, how associated risks are identified and managed, and how legal and ethical requirements are addressed. It will be continuously reviewed and updated to reflect technological developments, regulatory changes, and evolving best practices in the use of AI in human resources.

Report a vulnerability: [security@cobrainer.com](mailto:security@cobrainer.com "security@cobrainer.com")
For data privacy requests: [privacy@cobrainer.com](mailto:privacy@cobrainer.com "privacy@cobrainer.com")

Cobrainer's security, compliance and privacy efforts are lead by:
**Fabian Dziamski** (Legal and Compliance) — **Anton Zering** (IT Security) — **Sarath Kumar Kondreddi** (AI & Innovation) — **Sven Hunzinger** (Data Privacy)

Certifications

This trust portal is being prepared and will be available soon.

Trust portal coming soon

Controls

Trusted by

Documentation

Documents will appear here once they are published.

By requesting access, you agree to {companyName}'s <privacyPolicy>Privacy Policy</privacyPolicy>. This trust center is powered by <wolfiaPrivacy>Wolfia</wolfiaPrivacy>.

Fill out this form to request access. We'll review your request and get back to you shortly.

Error submitting request

Your access request for this trust center is still being reviewed. We'll email you as soon as it's approved, so there's no need to submit it again.

We've already received your access request.

Your request is under review

You already have access to this trust center. Open the link we just emailed you to view the documentation. There's no need to fill out the form again.

We've sent a fresh access link to your email.

Check your email

We'll review your request to access our private documents and get back to you shortly.

Your access request has been successfully submitted.

Access request submitted

Request access to documentation

We will process your questionnaire and email {email} when it's ready.

Questionnaire submitted

Submit a questionnaire

Subprocessors

By signing up for email notifications, you agree to {companyName}'s <privacyPolicy>Privacy Policy</privacyPolicy>. Notifications are powered by <wolfiaPrivacy>Wolfia</wolfiaPrivacy>.

Receive email notifications when {companyName} publishes important updates to their Trust Center.

You will now receive email notifications when {companyName} publishes important updates.

Subscribed!

Subscribe to updates

Updates

Premier international standard for information security management systems requiring a risk-based approach to protecting information assets. ISO 27001:2022 certification involves rigorous third-party audit of policies, procedures, and controls across 93 requirements organized in four themes: organizational, people, physical, and technological. Organizations demonstrate a systematic approach to managing sensitive information ensuring confidentiality, integrity, and availability.

Information Security Management System

International standard establishing guidelines for protecting personally identifiable information (PII) in public cloud computing environments. ISO 27018 addresses PII protection gaps in cloud services, covering consent, data location, law enforcement disclosure, and subprocessor management. Cloud providers achieving this certification demonstrate enhanced privacy controls specifically designed for multi-tenant cloud architectures.

PII Protection in Public Clouds

The EU's comprehensive data protection law that sets strict guidelines for collecting and processing personal information. GDPR compliance demonstrates accountability in data handling, requiring organizations to implement privacy by design, maintain detailed records, and respect individual rights. Organizations must ensure lawful basis for processing, enable data portability, and provide breach notifications within 72 hours.

General Data Protection Regulation

California's landmark privacy law granting consumers rights over their personal information collected by businesses. CCPA compliance requires transparency in data collection, consumer rights fulfillment processes, and security measures protecting personal information. Organizations must enable data access, deletion, and opt-out rights while maintaining detailed records of data processing activities.

California Consumer Privacy Act

Trusted Information Security Assessment Exchange Level 2 certification for automotive industry partners. TISAX AL2 enables secure information exchange with high protection needs including confidential data, prototype information, and development specifications. Based on VDA ISA (Information Security Assessment) and ISO 27001 standards.

Cobrainer Trust Center Trust Center