Fjeldmann Fjeldmann
From Data to Insight Coding Agents for Data Professionals
KONTEKST™
Contact
dansk
Contact
dansk

Security and Compliance at Fjeldmann Solutions

Last updated: 6 July 2026

Fjeldmann Solutions ApS develops AI solutions for Danish organisations, including municipalities and public authorities. Our solutions are used in contexts where data protection, information security and responsible use of AI are central requirements.

We are a small company with a practical and structured approach to security. This page describes our key organisational and technical security measures, our approach to data protection and our ISAE 3000 Type 1 assurance report.

ISAE 3000 Type 1 Assurance Report

Fjeldmann Solutions has obtained an ISAE 3000 Type 1 assurance report covering relevant controls within information security, data protection and operation of our solution.

A Type 1 assurance report documents that the described controls have been assessed as suitably designed at a specific point in time. It therefore covers the design of the controls at the reporting date, not their operating effectiveness over an extended period.

The report can be shared with customers and partners where relevant, for example in connection with vendor assessments, procurement, data processing agreements or security reviews.

Our Approach to Security

Our security work is based on four core principles:

Data minimisation
We only process information that is necessary for the specific solution, delivery or enquiry.

Need-to-know access
Access to systems and data is granted only to individuals with a specific work-related need. Access rights are reviewed and removed when they are no longer required.

Protection of customer data
Customer data is processed in accordance with customer agreements, relevant data processing agreements, security appendices and internal controls.

Responsible use of AI
AI is used as a support tool. Our solutions are designed so that professionals can continue to assess, verify and take responsibility for the specific use case.

Organisational Controls

Fjeldmann Solutions has internal policies and procedures for key security areas, including:

  • information security
  • access management
  • data protection
  • vendor management
  • secure development
  • vulnerability management
  • security incident handling
  • backup and contingency measures, where relevant to the specific delivery

As a small company, we keep our processes simple and operational. The purpose is clear ownership, traceability and controls that can be followed in practice.

Access Management

We use individual user accounts, access restrictions and multi-factor authentication where possible and relevant.

Administrative privileges are limited to individuals with a specific need. When roles, collaborations or customer relationships change, access rights are reassessed so that unnecessary permissions are removed.

Data Protection

We process personal data in accordance with the GDPR and the agreements we enter into with our customers.

Our public website is covered by a separate privacy policy. It describes what information we receive through contact forms, how we use it and how long we retain it.

Read our privacy policy here

For customer solutions, data processing is agreed specifically with each customer. This includes purpose, data types, subprocessors, deletion and relevant security measures.

Vendors and Subprocessors

We only use vendors and subprocessors when they are necessary to deliver our solutions.

Before a vendor is used to process customer data, we assess, among other things, the vendor’s role, security level, data processing relationship and relevant contractual terms.

Where relevant, we make information about subprocessors available to customers as part of the data processing agreement or the specific delivery agreement.

Technical Security

Our technical security measures depend on the specific solution and customer agreement, but may include:

  • encrypted communication via HTTPS/TLS
  • access control at system and application level
  • separation of environments, where relevant
  • limitation of administrative privileges
  • secure handling of secrets, keys and access credentials
  • logging and technical traceability, where relevant
  • ongoing updates of dependencies and components

We prioritise simple and robust solutions over unnecessarily complex setups.

Secure Development

Security is part of the way we develop our products and customer solutions.

Changes are assessed, tested and reviewed before being put into production. We use version control, restricted access to code repositories and ongoing attention to known vulnerabilities in the libraries and components we use.

AI, Data and Customer Control

When our solutions use AI, we focus on transparency, customer control and clear organisational safeguards.

Customers should be able to understand how the solution is used, what types of data are processed, and which security and governance measures are relevant.

AI output should be used with appropriate professional judgement. This is particularly important in public sector and regulated contexts, where decisions, guidance or citizen-facing processes require human responsibility and a proper legal basis.

Security Incident Handling

We have an internal process for handling suspected security incidents.

If we become aware of an incident, we assess the scope, affected systems and any potential impact on customers or data subjects. Customers and relevant parties are informed in accordance with applicable agreements and legislation.

Security-related enquiries can be sent to contact@fjeldmann.dk.

Contact

Questions about security, compliance or data protection can be sent to:

Fjeldmann Solutions ApS
CVR: 46046331
Email: contact@fjeldmann.dk

Back to home
CVR 46046331
© 2026 Fjeldmann Solutions · All rights reserved.
Privacy Policy Security & Compliance Terms of Service