<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Datargo</title><link>https://datargo.com/en/</link><description>Recent content on Datargo</description><generator>Hugo</generator><language>en-US</language><lastBuildDate>Tue, 23 Jun 2026 00:00:00 +0000</lastBuildDate><atom:link href="https://datargo.com/en/index.xml" rel="self" type="application/rss+xml"/><item><title>APIs as Part of the Supply Chain: Why Interface Security Becomes a Matter of Evidence</title><link>https://datargo.com/en/blog/api-security-supply-chain/</link><pubDate>Tue, 23 Jun 2026 00:00:00 +0000</pubDate><guid>https://datargo.com/en/blog/api-security-supply-chain/</guid><description>&lt;p&gt;Software is rarely a monolith today. Modules, partner services and tenants talk to each other through interfaces, and these APIs are the quiet connectors of the supply chain. NIS2 explicitly requires supply chain security as part of the risk picture. That moves a question long treated as purely technical to the foreground: how secure, and how auditable, are your own interfaces?&lt;/p&gt;
&lt;h2 id="the-interface-is-the-attack-surface"&gt;The interface is the attack surface&lt;/h2&gt;
&lt;p&gt;The most common API weaknesses are not exotic exploits but authorization flaws. In the OWASP API Security Top 10, Broken Object Level Authorization sits in first place: an API hands out data without properly checking whether the requesting account is allowed to see it at all. A changed object ID in the request is then enough to retrieve someone else&amp;rsquo;s records. Three control points decide robustness in practice:&lt;/p&gt;</description></item><item><title>Passkeys in the Enterprise: Phishing-Resistant Sign-In Beyond Passwords and OTPs</title><link>https://datargo.com/en/blog/passkeys-enterprise/</link><pubDate>Tue, 23 Jun 2026 00:00:00 +0000</pubDate><guid>https://datargo.com/en/blog/passkeys-enterprise/</guid><description>&lt;p&gt;Phishing remains the most reliable way into corporate networks, and most second factors do little to change that. A password plus an SMS code, TOTP app or push approval counts as multi-factor authentication, yet at its core it is attackable: lure the user onto a fake page and the second factor can be captured in real time too. FIDO2 passkeys address exactly this point.&lt;/p&gt;
&lt;h2 id="why-classic-mfa-stays-phishable"&gt;Why classic MFA stays phishable&lt;/h2&gt;
&lt;p&gt;The problem is not the number of factors but their transferability. A one-time code is a shared secret: it works wherever it is entered, including on the phishing page. What is missing is a binding to the genuine counterparty. That binding is precisely what WebAuthn, the standard behind passkeys, provides.&lt;/p&gt;</description></item><item><title>The EU Data Act and the End of Switching Fees: Cloud Switching Becomes Mandatory</title><link>https://datargo.com/en/blog/data-act-cloud-switching/</link><pubDate>Tue, 23 Jun 2026 00:00:00 +0000</pubDate><guid>https://datargo.com/en/blog/data-act-cloud-switching/</guid><description>&lt;p&gt;Vendor lock-in was long a commercial lever: anyone wanting to leave paid for the exit, fought proprietary formats and lost weeks to migration work. The EU Data Act (Regulation (EU) 2023/2854) reverses that logic. The regulation has applied since 12 September 2025, and its Chapter VI turns switching cloud providers into an enforceable customer right.&lt;/p&gt;
&lt;h2 id="what-has-applied-since-september-2025"&gt;What has applied since September 2025&lt;/h2&gt;
&lt;p&gt;Providers of data processing services (IaaS, PaaS, SaaS) must remove every obstacle that makes switching harder: pre-commercial, commercial, technical, contractual and organisational barriers alike. In practice this means a maximum notice period of two months, a 30-day transition window for the actual move (extendable to up to seven months where technically unfeasible) and the right to take data and digital assets along. For new contracts these duties already apply.&lt;/p&gt;</description></item><item><title>When the Chatbot Has to Identify Itself: AI Transparency in Customer Service from August 2026</title><link>https://datargo.com/en/blog/ai-transparency-customer-service/</link><pubDate>Tue, 23 Jun 2026 00:00:00 +0000</pubDate><guid>https://datargo.com/en/blog/ai-transparency-customer-service/</guid><description>&lt;p&gt;Automated first responses, AI-assisted ticket triage, generated reply suggestions: in customer service, AI is already routine. From 2 August 2026 Article 50 of the EU AI Act becomes enforceable, bringing binding transparency obligations for exactly these systems. These duties are distinct from the rules for providers of general-purpose AI models (GPAI): the point here is not the model, but the interaction with people.&lt;/p&gt;
&lt;h2 id="what-article-50-requires"&gt;What Article 50 requires&lt;/h2&gt;
&lt;p&gt;At its core sits a disclosure duty. Providers of AI systems intended for direct interaction with people (such as chatbots) must ensure that the person concerned is aware they are communicating with an AI system. The notice must be given at the latest at the time of the first interaction, unless the use of AI is obvious from the circumstances. On top of that, AI-generated or manipulated content must be marked as such in a machine-readable way, and content of public interest that could appear authentic has to be labelled separately.&lt;/p&gt;</description></item><item><title>47-Day Certificates: The CA/Browser Roadmap to 2029</title><link>https://datargo.com/en/blog/47-day-tls-certificates/</link><pubDate>Tue, 09 Jun 2026 00:00:00 +0000</pubDate><guid>https://datargo.com/en/blog/47-day-tls-certificates/</guid><description>&lt;p&gt;The debate is settled, and part of the outcome is already operational reality: since 15 March 2026, publicly trusted TLS certificates may be valid for at most &lt;strong&gt;200 days&lt;/strong&gt;, down from 398. That is the first step in a roadmap the CA/Browser Forum adopted in April 2025 with Ballot &lt;strong&gt;SC-081v3&lt;/strong&gt;: unanimously, with 29 votes in favour and none against. At the end of that roadmap sits a maximum lifetime of &lt;strong&gt;47 days&lt;/strong&gt;.&lt;/p&gt;</description></item><item><title>eIDAS 2.0 and the EUDI Wallet: What Relying Parties Must Prepare by the End of 2026</title><link>https://datargo.com/en/blog/eidas-2-eudi-wallet/</link><pubDate>Tue, 09 Jun 2026 00:00:00 +0000</pubDate><guid>https://datargo.com/en/blog/eidas-2-eudi-wallet/</guid><description>&lt;p&gt;In about six months a deadline expires that many companies still treat as distant regulation: by &lt;strong&gt;24 December 2026&lt;/strong&gt;, all 27 EU member states must provide their citizens and residents with at least one &lt;strong&gt;European Digital Identity Wallet (EUDI Wallet)&lt;/strong&gt;. The legal basis is Regulation (EU) 2024/1183 (&amp;ldquo;eIDAS 2.0&amp;rdquo;), in force since 20 May 2024.&lt;/p&gt;
&lt;p&gt;For most companies the more pressing question is not when the wallet arrives, but when they will have to &lt;strong&gt;accept&lt;/strong&gt; it. And that deadline follows immediately.&lt;/p&gt;</description></item><item><title>The Cyber Resilience Act: What 11 September 2026 Means for Makers of Digital Products</title><link>https://datargo.com/en/blog/cyber-resilience-act-reporting-2026/</link><pubDate>Tue, 09 Jun 2026 00:00:00 +0000</pubDate><guid>https://datargo.com/en/blog/cyber-resilience-act-reporting-2026/</guid><description>&lt;p&gt;In about three months a regulation turns into operational reality. From &lt;strong&gt;11 September 2026&lt;/strong&gt; the first binding obligations of the Cyber Resilience Act (Regulation (EU) 2024/2847) take effect, and they happen to be the ones that demand the most process: reporting actively exploited vulnerabilities and severe security incidents. The remaining product and conformity obligations follow with full application on &lt;strong&gt;11 December 2027&lt;/strong&gt;.&lt;/p&gt;
&lt;p&gt;Anyone who manufactures, imports or distributes products with digital elements in the EU should therefore treat September not as a distant date, but as the day a working reporting path has to exist.&lt;/p&gt;</description></item><item><title>Data Sovereignty After the Data Privacy Framework: Why EU Hosting Becomes an Architecture Question</title><link>https://datargo.com/en/blog/data-sovereignty-data-privacy-framework/</link><pubDate>Tue, 02 Jun 2026 00:00:00 +0000</pubDate><guid>https://datargo.com/en/blog/data-sovereignty-data-privacy-framework/</guid><description>&lt;p&gt;Anyone transferring personal data to the United States has relied since 2023 on the adequacy decision for the EU-US Data Privacy Framework (DPF). In September 2025 the General Court of the European Union (EuG) dismissed a challenge against it, leaving the framework a valid legal basis. But the matter is not closed: in late October 2025 an appeal was lodged with the Court of Justice (Case C-703/25 P). Another reversal, a &amp;ldquo;Schrems III&amp;rdquo;, is not ruled out.&lt;/p&gt;</description></item><item><title>The EU AI Act: GPAI Enforcement from 2 August 2026 and What the Digital Omnibus Postponed</title><link>https://datargo.com/en/blog/ai-act-gpai-enforcement-2026/</link><pubDate>Tue, 26 May 2026 00:00:00 +0000</pubDate><guid>https://datargo.com/en/blog/ai-act-gpai-enforcement-2026/</guid><description>&lt;p&gt;The EU AI Act has been in force since August 2024, but many of its obligations take effect in stages. One date stands out: on &lt;strong&gt;2 August 2026&lt;/strong&gt; active enforcement against providers of general-purpose AI models (GPAI) begins through the EU AI Office, and national sanction regimes take effect in parallel. In Germany the accompanying AI Measures and Innovation Act (KI-MIG) applies. Anyone who uses or provides AI should know the deadline, but also the most recent postponements.&lt;/p&gt;</description></item><item><title>SD-JWT VC and OpenID4VP: The Protocols Behind the EUDI Wallet</title><link>https://datargo.com/en/blog/eudi-wallet-protocols-sdjwt-openid4vp/</link><pubDate>Tue, 12 May 2026 00:00:00 +0000</pubDate><guid>https://datargo.com/en/blog/eudi-wallet-protocols-sdjwt-openid4vp/</guid><description>&lt;p&gt;Most of the conversation around the EUDI Wallet sits at the political and organisational level: member-state provisioning by the end of 2026, registration duties, acceptance deadlines. But anyone who actually wants to accept the wallet eventually faces a technical question: how exactly do I verify that a presented attribute is genuine, valid and sufficient for my purpose? This article looks at the verification side and the building blocks that come together there.&lt;/p&gt;</description></item><item><title>Archiving Structured E-Invoices the GoBD Way: The Eight-Year Question</title><link>https://datargo.com/en/blog/e-invoice-archiving-gobd/</link><pubDate>Tue, 21 Apr 2026 00:00:00 +0000</pubDate><guid>https://datargo.com/en/blog/e-invoice-archiving-gobd/</guid><description>&lt;p&gt;The debate around e-invoicing mostly turns on issuing and receiving. The quieter but longer-lived obligation only begins afterwards: retention. A structured invoice is not a document in the classic sense but a data set, and it must remain unalterable and machine-readable for years. Building that into your processes from the start avoids costly rework later.&lt;/p&gt;
&lt;h2 id="what-changed-about-the-retention-period"&gt;What changed about the retention period&lt;/h2&gt;
&lt;p&gt;For a long time, accounting records had to be kept for ten years. Germany&amp;rsquo;s Fourth Bureaucracy Relief Act (BEG IV) shortened this to &lt;strong&gt;eight years&lt;/strong&gt; as of 1 January 2025. The new period applies to all records whose previous ten-year period had not yet expired at that point.&lt;/p&gt;</description></item><item><title>NIS2 in Practice: From Reporting Duty to Defensible Evidence</title><link>https://datargo.com/en/blog/nis2-practice-evidence/</link><pubDate>Tue, 14 Apr 2026 00:00:00 +0000</pubDate><guid>https://datargo.com/en/blog/nis2-practice-evidence/</guid><description>&lt;p&gt;Since 6 December 2025, NIS2 is law in Germany. The NIS2 Implementation and Cybersecurity Strengthening Act (NIS2UmsuCG) was passed by the Bundestag on 13 November 2025, confirmed by the Bundesrat on 20 November, and entered into force with no transition period. Around 29,500 companies across 18 sectors are in scope. The BSI registration deadline on 6 March 2026 has passed; late registration remains possible and is advisable.&lt;/p&gt;
&lt;p&gt;Many organisations treated the rollout as a registration and documentation task. The harder part begins afterwards: being able to prove, when it counts, what actually happened.&lt;/p&gt;</description></item><item><title>ACME Beyond the Web Server: Certificate Automation for Internal Services and mTLS</title><link>https://datargo.com/en/blog/acme-internal-pki-mtls/</link><pubDate>Tue, 17 Mar 2026 00:00:00 +0000</pubDate><guid>https://datargo.com/en/blog/acme-internal-pki-mtls/</guid><description>&lt;p&gt;Shortening public TLS lifetimes towards an eventual 47 days has created an awareness that manual renewal no longer scales. What often gets overlooked: inside a company there are usually far more certificates than at the outward-facing edge. Service-to-service communication, mTLS in a service mesh, internal APIs and database connections all live on certificates, and these follow different patterns than the public web.&lt;/p&gt;
&lt;h2 id="why-internal-does-not-mean-simpler"&gt;Why &amp;ldquo;internal&amp;rdquo; does not mean &amp;ldquo;simpler&amp;rdquo;&lt;/h2&gt;
&lt;p&gt;At the public web server the situation is tidy: a handful of domains, a public CA, a clearly defined validation path. Internally the ratio inverts. Here there are often hundreds or thousands of short-lived endpoints that appear and vanish dynamically, for instance when an orchestrator starts new containers. An internal CA issues certificates for them that nobody sees publicly, but which expire just the same, must renew just the same, and take down a service just the same when they fail.&lt;/p&gt;</description></item><item><title>DORA for ICT Providers: Third-Party Risk and Incident Reporting</title><link>https://datargo.com/en/blog/dora-third-party-risk/</link><pubDate>Tue, 09 Dec 2025 00:00:00 +0000</pubDate><guid>https://datargo.com/en/blog/dora-third-party-risk/</guid><description>&lt;p&gt;DORA, the Digital Operational Resilience Act (Regulation (EU) 2022/2554), has applied to the European financial sector since 17 January 2025. Since 19 November 2025, oversight has become concrete: the European Supervisory Authorities EBA, EIOPA and ESMA published the first official list of 19 ICT third-party providers designated as critical, among them AWS, Google Cloud, Microsoft, Oracle, SAP, IBM and Deutsche Telekom. The list is updated annually.&lt;/p&gt;
&lt;p&gt;The instinctive reaction of many IT providers is: this does not concern me, I am not a bank. That is a fallacy. DORA travels down the supply chain.&lt;/p&gt;</description></item><item><title>Post-Quantum Cryptography: Why the Migration Starts in 2026, Not 2030</title><link>https://datargo.com/en/blog/post-quantum-migration/</link><pubDate>Tue, 16 Sep 2025 00:00:00 +0000</pubDate><guid>https://datargo.com/en/blog/post-quantum-migration/</guid><description>&lt;p&gt;Since August 2024, the first three post-quantum standards have been final. NIST published FIPS 203 (ML-KEM, derived from Kyber), FIPS 204 (ML-DSA, from Dilithium) and FIPS 205 (SLH-DSA, from SPHINCS+), concluding an eight-year selection process. Many read the headline, see the frequently cited year 2030 and put the topic back on the shelf. That is a misunderstanding: 2030 is a deadline, not a starting gun.&lt;/p&gt;
&lt;h2 id="harvest-now-decrypt-later-makes-it-urgent"&gt;&amp;ldquo;Harvest now, decrypt later&amp;rdquo; makes it urgent&lt;/h2&gt;
&lt;p&gt;The threat does not wait for the first capable quantum computer. Attackers intercept encrypted traffic today and store it to decrypt later. Anything that must stay protected for a long time is therefore already exposed: contracts, health and HR data, long-lived keys, intellectual property, state and trade secrets. For this data, what matters is not when a quantum computer becomes practical, but how long the data must remain secret.&lt;/p&gt;</description></item><item><title>Germany's E-Invoicing Mandate: The 2025 to 2028 Roadmap Without the Myths</title><link>https://datargo.com/en/blog/e-invoicing-mandate-timeline/</link><pubDate>Tue, 11 Feb 2025 00:00:00 +0000</pubDate><guid>https://datargo.com/en/blog/e-invoicing-mandate-timeline/</guid><description>&lt;p&gt;Since 1 January 2025, e-invoicing in German B2B business is no longer optional. The first stage of the new mandate is in force: every domestic company must be able to receive structured electronic invoices. Issuing them electronically is not yet compulsory, but receiving them is. The legal basis is the Growth Opportunities Act (Wachstumschancengesetz), passed by the Bundesrat on 22 March 2024; the details are set out in the Federal Ministry of Finance guidance of 15 October 2024.&lt;/p&gt;</description></item><item><title>Addendum for Regulated Customers (DORA / NIS2)</title><link>https://datargo.com/en/agb-dora/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://datargo.com/en/agb-dora/</guid><description>&lt;h2 id="1-subject-matter-scope-and-relationship-to-other-documents"&gt;1. Subject Matter, Scope and Relationship to Other Documents&lt;/h2&gt;
&lt;p&gt;(1) This Addendum for regulated customers (hereinafter the &amp;ldquo;Addendum&amp;rdquo;) supplements the &lt;a href="https://datargo.com/en/agb/"&gt;General Terms and Conditions&lt;/a&gt;
 of &lt;strong&gt;Datargo GmbH&lt;/strong&gt;, Frankfurt am Main (hereinafter &amp;ldquo;Datargo&amp;rdquo;), with those contractual mandatory contents that are required for regulated customers under Regulation (EU) 2022/2554 (Digital Operational Resilience Act, hereinafter &amp;ldquo;DORA&amp;rdquo;) and under Directive (EU) 2022/2555 (hereinafter &amp;ldquo;NIS2&amp;rdquo;) as well as their respective national implementation.&lt;/p&gt;
&lt;p&gt;(2) This Addendum applies exclusively to customers that are&lt;/p&gt;</description></item><item><title>Book a call</title><link>https://datargo.com/en/contact/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://datargo.com/en/contact/</guid><description/></item><item><title>Careers</title><link>https://datargo.com/en/karriere/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://datargo.com/en/karriere/</guid><description>&lt;h2 id="what-we-are-working-toward"&gt;What we are working toward&lt;/h2&gt;
&lt;p&gt;Datargo brings together monitoring, customer service, identity, accounting, and certificates in one platform, EU-hosted and auditable by design. We are building it for organizations that understand digital sovereignty not as a buzzword, but as a requirement.&lt;/p&gt;
&lt;h2 id="how-we-work"&gt;How we work&lt;/h2&gt;
&lt;ul&gt;
&lt;li&gt;Small, accountable teams with a direct line to customers&lt;/li&gt;
&lt;li&gt;Native apps and platform services, without wrapping and without compromises on security&lt;/li&gt;
&lt;li&gt;Made in Germany, operated on our own European infrastructure&lt;/li&gt;
&lt;/ul&gt;
&lt;h2 id="who-we-are-looking-for"&gt;Who we are looking for&lt;/h2&gt;
&lt;p&gt;We are always glad to hear from people in engineering, security, product, and customer support who take regulated industries seriously. We post open positions here as soon as they become available.&lt;/p&gt;</description></item><item><title>Customer Voices</title><link>https://datargo.com/en/customers/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://datargo.com/en/customers/</guid><description>&lt;h2 id="references-from-regulated-industries"&gt;References from regulated industries&lt;/h2&gt;
&lt;p&gt;Our first customers work in financial services, the public sector, healthcare, industry and SaaS. In these industries, references are only named once confidentiality and approvals allow. We build them up carefully instead of advertising with logos that we cannot substantiate.&lt;/p&gt;
&lt;h2 id="the-design-partner-program"&gt;The Design Partner Program&lt;/h2&gt;
&lt;p&gt;We are looking for pilot customers who adopt the Datargo suite early and help shape it:&lt;/p&gt;
&lt;ul&gt;
&lt;li&gt;&lt;strong&gt;A direct line&lt;/strong&gt; to the product team and influence on the roadmap&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;Guided onboarding&lt;/strong&gt; of Datargo Monitor, Datargo CRM and Datargo ID&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;Preferential terms&lt;/strong&gt; for the pilot phase&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;A joint case study&lt;/strong&gt; once results are available and approved&lt;/li&gt;
&lt;/ul&gt;
&lt;h2 id="is-this-a-fit-for-you"&gt;Is this a fit for you?&lt;/h2&gt;
&lt;p&gt;If you are looking for a sovereign, EU-hosted platform with audit evidence and you are ready to get on board early, we would be glad to talk.&lt;/p&gt;</description></item><item><title>Data Processing Agreement (DPA)</title><link>https://datargo.com/en/avv/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://datargo.com/en/avv/</guid><description>&lt;h2 id="1-preamble-and-allocation-of-roles"&gt;1. Preamble and allocation of roles&lt;/h2&gt;
&lt;p&gt;(1) This Data Processing Agreement (hereinafter the &amp;ldquo;DPA&amp;rdquo;) sets out in concrete terms the data protection rights and obligations of the parties in connection with the processing of personal data that &lt;strong&gt;Datargo GmbH&lt;/strong&gt;, Frankfurt am Main (hereinafter &amp;ldquo;Datargo&amp;rdquo; or the &amp;ldquo;Processor&amp;rdquo;), carries out on behalf of and in accordance with the instructions of the customer (hereinafter the &amp;ldquo;Customer&amp;rdquo; or the &amp;ldquo;Controller&amp;rdquo;) in the course of providing the modules Datargo Monitor, Datargo CRM, Datargo ID, Datargo ERP and NextPKI as well as the bundled offering Datargo One (individually and collectively hereinafter the &amp;ldquo;Services&amp;rdquo;).&lt;/p&gt;</description></item><item><title>Datargo CRM</title><link>https://datargo.com/en/platform/datargo-crm/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://datargo.com/en/platform/datargo-crm/</guid><description/></item><item><title>Datargo ERP</title><link>https://datargo.com/en/platform/datargo-erp/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://datargo.com/en/platform/datargo-erp/</guid><description/></item><item><title>Datargo ID</title><link>https://datargo.com/en/platform/id/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://datargo.com/en/platform/id/</guid><description/></item><item><title>Datargo Licensing: General Terms and Conditions and End User Licence Agreement (EULA)</title><link>https://datargo.com/en/agb-licensing/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://datargo.com/en/agb-licensing/</guid><description>&lt;!-- DRAFT (AI-generated, adversarially reviewed) - to be cleared by a specialist attorney for IT law before publication. --&gt;
&lt;p&gt;&lt;strong&gt;General Terms and Conditions (GTC) and End User Licence Agreement (EULA) of Datargo GmbH for the acquisition and use of Datargo Licensing products&lt;/strong&gt;&lt;/p&gt;
&lt;p&gt;As of: 1 June 2026&lt;/p&gt;
&lt;p&gt;These terms apply to all software products distributed through the direct software business of Datargo GmbH (Datargo Licensing), in particular sqlclient and FoldMail, which are obtained through the License Center (license.datargo.com). They consist of Part A (product-neutral GTC for the acquisition contract), Part B (product-neutral End User Licence Agreement/EULA for the rights of use) and Part C (product-specific schedules of services for each product). The terms apply to consumers and entrepreneurs alike.&lt;/p&gt;</description></item><item><title>Datargo Monitor</title><link>https://datargo.com/en/platform/datargo-monitor/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://datargo.com/en/platform/datargo-monitor/</guid><description/></item><item><title>Documentation</title><link>https://datargo.com/en/docs/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://datargo.com/en/docs/</guid><description>&lt;h2 id="where-to-start"&gt;Where to start&lt;/h2&gt;
&lt;p&gt;The Datargo suite is modular. Each module can be adopted individually and connected through open standards.&lt;/p&gt;
&lt;ul&gt;
&lt;li&gt;&lt;strong&gt;Datargo Monitor:&lt;/strong&gt; checks for HTTP, DNS, TLS, TCP, SMTP, Ping, and Traceroute, an incident engine, and an audit trail.&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;Datargo CRM:&lt;/strong&gt; an embeddable chat widget, tickets and contacts, multi-tenant.&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;Datargo ID:&lt;/strong&gt; central sign-in and Single Sign-On for all modules.&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;Datargo ERP:&lt;/strong&gt; invoicing per EN 16931, export, and integration.&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;NextPKI:&lt;/strong&gt; management and issuance of certificates.&lt;/li&gt;
&lt;/ul&gt;
&lt;h2 id="integration-and-operations"&gt;Integration and operations&lt;/h2&gt;
&lt;p&gt;All modules speak open standards and can be exported and connected. Single Sign-On runs through Datargo ID, billing through Datargo ERP. Your data stays EU-hosted and remains exportable at any time.&lt;/p&gt;</description></item><item><title>General Terms and Conditions</title><link>https://datargo.com/en/agb/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://datargo.com/en/agb/</guid><description>&lt;h2 id="1-scope-and-order-of-precedence"&gt;1. Scope and order of precedence&lt;/h2&gt;
&lt;p&gt;(1) These General Terms and Conditions (hereinafter &amp;ldquo;GTC&amp;rdquo;) apply to all contracts between &lt;strong&gt;Datargo GmbH&lt;/strong&gt;, Frankfurt am Main (hereinafter &amp;ldquo;Datargo&amp;rdquo;), and its business customers (hereinafter &amp;ldquo;Customer&amp;rdquo;) concerning the provision and use of the modules Datargo Monitor, Datargo CRM, Datargo ID, Datargo ERP and NextPKI, as well as the bundled offering Datargo One (individually and collectively hereinafter &amp;ldquo;Services&amp;rdquo;).&lt;/p&gt;
&lt;p&gt;(2) Datargo&amp;rsquo;s offerings are directed exclusively at entrepreneurs within the meaning of section 14 BGB (German Civil Code), at legal persons under public law and at special funds under public law. The conclusion of a contract with consumers within the meaning of section 13 BGB is excluded. The Customer warrants that it is concluding the contract in the exercise of its commercial or independent professional activity.&lt;/p&gt;</description></item><item><title>Legal Notice</title><link>https://datargo.com/en/impressum/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://datargo.com/en/impressum/</guid><description>&lt;h2 id="provider"&gt;Provider&lt;/h2&gt;
&lt;p&gt;&lt;strong&gt;Datargo GmbH&lt;/strong&gt;
Omniturm, Neue Mainzer Straße 52-58
60311 Frankfurt am Main, Germany&lt;/p&gt;
&lt;p&gt;Managing Director: Andreas Mallek&lt;/p&gt;
&lt;h2 id="contact"&gt;Contact&lt;/h2&gt;
&lt;p&gt;Email: &lt;a href="mailto:hello@datargo.com"&gt;hello@datargo.com&lt;/a&gt;
&lt;/p&gt;
&lt;h2 id="register-entry"&gt;Register Entry&lt;/h2&gt;
&lt;p&gt;Registered in the commercial register:&lt;/p&gt;
&lt;ul&gt;
&lt;li&gt;Registering court: Friedberg Local Court (Amtsgericht Friedberg)&lt;/li&gt;
&lt;li&gt;Register number: HRB 9742&lt;/li&gt;
&lt;li&gt;VAT identification number pursuant to Section 27a UStG: DE320115003&lt;/li&gt;
&lt;/ul&gt;
&lt;p&gt;The address shown above in the Omniturm (Frankfurt am Main) is the business address. The company&amp;rsquo;s registered seat lies within the district of the Friedberg Local Court (Amtsgericht Friedberg, Wetteraukreis).&lt;/p&gt;</description></item><item><title>NextPKI</title><link>https://datargo.com/en/platform/nextpki/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://datargo.com/en/platform/nextpki/</guid><description/></item><item><title>Partner Program</title><link>https://datargo.com/en/partners/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://datargo.com/en/partners/</guid><description>&lt;h2 id="who-the-program-is-for"&gt;Who the program is for&lt;/h2&gt;
&lt;ul&gt;
&lt;li&gt;&lt;strong&gt;System integrators and IT service providers&lt;/strong&gt; who want to add a sovereign, EU-hosted alternative to US platforms to their portfolio.&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;Implementation partners&lt;/strong&gt; who roll out monitoring, customer service, identity and accounting in mid-sized companies and large enterprises.&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;Managed service providers&lt;/strong&gt; who offer Datargo Monitor and Datargo CRM as a fully managed ongoing operation.&lt;/li&gt;
&lt;/ul&gt;
&lt;h2 id="what-working-together-looks-like"&gt;What working together looks like&lt;/h2&gt;
&lt;p&gt;&lt;strong&gt;Refer.&lt;/strong&gt; You recommend, we deliver and operate. For every referred contract you receive recurring compensation.&lt;/p&gt;</description></item><item><title>Privacy Policy</title><link>https://datargo.com/en/datenschutz/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://datargo.com/en/datenschutz/</guid><description>&lt;h2 id="1-overview-and-scope"&gt;1. Overview and scope&lt;/h2&gt;
&lt;p&gt;(1) This privacy policy informs you about how Datargo GmbH (hereinafter &amp;ldquo;Datargo&amp;rdquo;, &amp;ldquo;we&amp;rdquo; or &amp;ldquo;us&amp;rdquo;) processes personal data arising from the visit to and use of this website as well as the functions directly connected with it (such as making contact and live chat). It is addressed to all persons whose data is processed in this context (hereinafter &amp;ldquo;data subjects&amp;rdquo; or &amp;ldquo;you&amp;rdquo;).&lt;/p&gt;
&lt;p&gt;(2) Personal data means any information relating to an identified or identifiable natural person (Art. 4 No. 1 GDPR). The relevant legal bases are in particular the General Data Protection Regulation (GDPR), the Federal Data Protection Act (Bundesdatenschutzgesetz, BDSG) and the Telecommunications Digital Services Data Protection Act (Telekommunikation-Digitale-Dienste-Datenschutz-Gesetz, TDDDG).&lt;/p&gt;</description></item><item><title>Service Level Agreement (SLA)</title><link>https://datargo.com/en/sla/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://datargo.com/en/sla/</guid><description>&lt;h2 id="1-subject-matter-scope-and-delimitation"&gt;1. Subject matter, scope and delimitation&lt;/h2&gt;
&lt;p&gt;(1) This Service Level Agreement (hereinafter &amp;ldquo;SLA&amp;rdquo;) is an annex to the &lt;a href="https://datargo.com/en/agb/"&gt;General Terms and Conditions&lt;/a&gt;
 of Datargo GmbH (hereinafter &amp;ldquo;Datargo&amp;rdquo;) and specifies in detail the availability of the Datargo services governed in Section 6 of the General Terms and Conditions (Datargo Monitor, Datargo CRM, Datargo ID, Datargo ERP and NextPKI as well as the bundled offering Datargo One, individually and collectively hereinafter the &amp;ldquo;Services&amp;rdquo;).&lt;/p&gt;</description></item><item><title>Special Conditions Datargo CRM</title><link>https://datargo.com/en/agb-crm/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://datargo.com/en/agb-crm/</guid><description>&lt;h2 id="1-applicability-relationship-to-further-documents-and-order-of-precedence"&gt;1. Applicability, relationship to further documents and order of precedence&lt;/h2&gt;
&lt;p&gt;(1) These special conditions (hereinafter &amp;ldquo;Special Conditions CRM&amp;rdquo;) apply exclusively to the use of the Datargo CRM module and supplement the &lt;a href="https://datargo.com/en/agb/"&gt;General Terms and Conditions&lt;/a&gt;
 of Datargo GmbH (hereinafter &amp;ldquo;Datargo&amp;rdquo;). They are addressed exclusively to entrepreneurs within the meaning of section 14 BGB (German Civil Code), to legal persons under public law and to special funds under public law.&lt;/p&gt;
&lt;p&gt;(2) Insofar as these Special Conditions CRM and the General Terms and Conditions conflict in the context of Datargo CRM, these Special Conditions CRM shall prevail. In all other respects, the General Terms and Conditions, in particular the liability provision set out therein (Section 9 of the General Terms and Conditions), shall remain unaffected and shall apply on a supplementary basis. Any reference in these Special Conditions CRM to &amp;ldquo;the liability provision&amp;rdquo; refers to Section 9 of the General Terms and Conditions.&lt;/p&gt;</description></item><item><title>Special Terms Datargo Monitor</title><link>https://datargo.com/en/agb-monitor/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://datargo.com/en/agb-monitor/</guid><description>&lt;h2 id="1-scope-relationship-to-other-documents-and-order-of-precedence"&gt;1. Scope, Relationship to Other Documents and Order of Precedence&lt;/h2&gt;
&lt;p&gt;(1) These special terms (hereinafter &amp;ldquo;Special Terms Monitor&amp;rdquo;) apply exclusively to the use of the Datargo Monitor module and supplement the &lt;a href="https://datargo.com/en/agb/"&gt;General Terms and Conditions&lt;/a&gt;
 of Datargo GmbH (hereinafter &amp;ldquo;Datargo&amp;rdquo;). They are directed exclusively at entrepreneurs within the meaning of Section 14 BGB (German Civil Code), at legal entities under public law and at special funds under public law.&lt;/p&gt;
&lt;p&gt;(2) Insofar as these Special Terms Monitor and the General Terms and Conditions conflict in the context of Datargo Monitor, these Special Terms Monitor shall prevail. In all other respects the General Terms and Conditions, in particular the liability provision set out therein (Section 9 of the General Terms and Conditions), remain unaffected and apply on a supplementary basis. Any reference in these Special Terms Monitor to &amp;ldquo;the liability provision&amp;rdquo; refers to Section 9 of the General Terms and Conditions.&lt;/p&gt;</description></item><item><title>Status</title><link>https://datargo.com/en/status/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://datargo.com/en/status/</guid><description>&lt;h2 id="how-we-measure-availability"&gt;How we measure availability&lt;/h2&gt;
&lt;p&gt;Datargo confirms availability across multiple regions from Frankfurt, North America and Asia. Only once several regions confirm an outage does the incident engine trigger. This eliminates false alarms and makes every incident traceable in the audit trail, as NIS2 evidence.&lt;/p&gt;
&lt;h2 id="where-you-see-live-status"&gt;Where you see live status&lt;/h2&gt;
&lt;p&gt;Inside the product, you see availability, open incidents and response times in real time, per organization and per module. Datargo Monitor delivers the same view for your own services and suppliers.&lt;/p&gt;</description></item><item><title>Sub-Processors</title><link>https://datargo.com/en/sub-processors/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://datargo.com/en/sub-processors/</guid><description>&lt;h2 id="1-subject-matter-and-relationship-to-the-data-processing-agreement"&gt;1. Subject Matter and Relationship to the Data Processing Agreement&lt;/h2&gt;
&lt;p&gt;(1) This overview lists the sub-processors (hereinafter &amp;ldquo;sub-processors&amp;rdquo;) that &lt;strong&gt;Datargo GmbH&lt;/strong&gt;, Frankfurt am Main (hereinafter &amp;ldquo;Datargo&amp;rdquo;), engages for the processing of personal data of its business customers in connection with the provision of the modules Datargo Monitor, Datargo CRM, Datargo ID, Datargo ERP and NextPKI, as well as the bundle offering Datargo One (individually and collectively hereinafter the &amp;ldquo;Services&amp;rdquo;).&lt;/p&gt;
&lt;p&gt;(2) This overview forms part of the &lt;a href="https://datargo.com/en/avv/"&gt;Data Processing Agreement (DPA)&lt;/a&gt;
 pursuant to Art. 28 GDPR and gives concrete effect to its Section 7 (engagement of further processors). To the extent there are conflicts between this overview and the DPA, the DPA shall prevail in matters concerning the processing of personal data. Where an individual agreement deviates from this overview, that individual agreement shall prevail (Section 305b BGB (German Civil Code)). This provision applies exclusively in relation to entrepreneurs within the meaning of Section 14 BGB, to legal persons under public law and to special funds under public law (purely B2B).&lt;/p&gt;</description></item><item><title>Trust Center</title><link>https://datargo.com/en/trust-center/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://datargo.com/en/trust-center/</guid><description>&lt;h2 id="hosting-and-data-location"&gt;Hosting and data location&lt;/h2&gt;
&lt;p&gt;Datargo runs exclusively within the European Union. The default location is Frankfurt am Main. Region pinning and on-premises options are available through Datargo One. All customer data processed on your behalf stays in the EU; only the app push notifications (Apple) and payment processing (Stripe) run via US providers certified under the EU-US Data Privacy Framework. No other third-country transfers without appropriate safeguards.&lt;/p&gt;
&lt;h2 id="security"&gt;Security&lt;/h2&gt;
&lt;ul&gt;
&lt;li&gt;Strict tenant isolation, enforced consistently across the platform&lt;/li&gt;
&lt;li&gt;Tamper-evident, append-only audit trail&lt;/li&gt;
&lt;li&gt;Access control with MFA and step-up authentication for sensitive actions&lt;/li&gt;
&lt;li&gt;Encryption in transit and at rest&lt;/li&gt;
&lt;/ul&gt;
&lt;h2 id="compliance"&gt;Compliance&lt;/h2&gt;
&lt;p&gt;Datargo supports evidence for NIS2, DORA, ISO 27001, GoBD and e-invoicing per EN 16931. ISO 27001 certification is in progress; the current status is published here.&lt;/p&gt;</description></item></channel></rss>