Privacy and data security information

Learn more about how we handle your data and protect your privacy.

Security Information

At Visma, safety is our priority. Our customers trust us with their data and it is critical that we implement the necessary level of security to protect that data.

Information Security

  • Visma Machine Learning (Visma ML Assets) complies with GDPR legislation and is ISO 27001 and 900 certified.
  • Visma ML Assets uses certified infrastructure for hosting and data storage.
  • Visma ML Assets's security is based on Visma Group's own security program (Visma Security Program), which is mandatory for all Visma products.

ISO 27001 & 9001 Certified

As an essential part of the operation and security of the service, we also adopt Visma's application delivery model process (Visma Cloud Delivery Model, VCDM for short), which ensures high standardisation and efficient operation of the systems. VCDM is a framework to deliver cloud software to customer needs. The framework is based on a set of core principles and focuses on DevOps and Continuous Delivery. VCDM has the following audit assurance report and certifications:

  • ISAE 3402 Type II
  • ISO 27001

Visma ML Assets's certificate can be downloaded here.

  • ISO 27001 ensures high-security standards when processing your data
  • ISO 27001 is an internationally recognized standard for information security systems

Visma Group Security and Compliance Standards

Through Visma's programs that we are enrolled in, our work is structured to ensure stable and consistent delivery of service as well as secure and trustworthy management of customer data. From the following links, you can familiarise yourself with Visma's compliance work and how data security and data protection have been implemented in our services:

The Visma Security Program and the Visma Architecture and Technology Program are integrated in VCDM. Our Information Security Management System (ISMS) is certified according to ISO 27001 and it's audited annually by an independent IT auditor.

Visma Trust Centre

More information about Visma's security program and compliance work can be found at the Visma Trust Centre.

More about these frameworks here:

Please contact our team for more details, if needed.

Compliant with Privacy Regulations

We at Visma ML Assets enforce processing in the EU to support GDPR. All data processed is saved within the EU and our processes are GDPR compliant.

  • Our servers and privacy policy are GDPR compliant
  • All data are processed under the Data Processing Agreement
  • Our servers are safely located in Europe

Visma ML Assets has carefully selected sub-processors who help us store your data and increase the level of security. Visma ML Assets is fully hosted in EU data centres on Google Cloud Platform.

Visma Group's privacy statement can be found at The website contains information in accordance with the GDPR on how Visma processes personal data both as controller and processor of personal data, as well as information on the rights of data subjects.


Visma ML Assets makes every effort to make its APIs available on a continuous basis 24 hours a day, 7 days a week, so we can offer our customers predictability. Our ISO certifications require a minimum uptime of 99.8%, which Visma ML Assets satisfies.

The Visma status page reports the incidents for our APIs, below Common Services > Machine Learning Assets.

On the status page you will find an up-to-date overview of the statuses of our system. You can subscribe to updates, where you get email notifications whenever Visma Cloud Services creates, updates or resolves an incident.

Whistleblower channel

Visma has its own whistleblower channel, where employees, former employees, customers, suppliers and others can report objectionable conditions in Visma and any breaches of Visma's obligations to respect human rights and decent working conditions.

The Visma Whistleblowing Channel is a tool that enables the anonymous submission of (suspected) violations of local and/or EU/EEA regulations both within Visma and outside, as well as violations of Visma's own guidelines. The channel ensures confidential communication between the whistleblower and the person who processes the complaint internally.

Visma ML Assets is connected to this channel. Report any concern you might have through the Visma Whistleblowing website.