Information security

Version May 2020

Exact takes information security very seriously, including personal data related security. We have dedicated operational processes to manage information security, dedicated security staff and an internal reporting mechanism to facilitate proper decision making in case of incidents.

Compliance Committee

Obviously, we are committed to comply to all relevant legislation, such as the Dutch Data Protection Act. A key mechanism in managing information security is our compliance committee, that monitors security processes and discusses security incidents, after being detected and analysed by our corporate information security officer. The compliance committee is chaired by our CFO Alexander Rahusen.

We are dedicated to transparency

We don’t pretend to be able to prevent all security incidents. Incidents can and will occur occasionally. When they do, we dedicated to being transparent about them. We believe this is the best way to maintain the trust of our customers. Meanwhile, we obviously work hard to make sure incidents are as rare as they can be. To this end, our processes are audited regular. You can request the assurance reports via our support channels.

Protection of your personal data

We take substantial efforts to protect the confidentiality of personal data, preferences and other information. To protect this information, we make substantial investments in our server, database, backup and firewall technologies. For more information, please see the Privacy Statement.

In Exact Online, we offer a mandatory extra security layer: 2-Step Verification. By using this technique, we help prevent abuse through phishing or malware. In this way, we provide maximum support for online safety – which is crucial to us. This means that, in addition to your username and password, you will need to add an extra piece of information that is available only to you as a user. This makes any misuse of your data much more difficult.

Approved by independent experts

Our development and operational management processes are tested annually by highly qualified independent experts. This results in an independent assurance statement (ISAE 3402 type 2) that ensures our customers that our software is reliable and secure. The safety of Exact Online is determined at least annually via a pentest – an investigation to identify if software contains security related vulnerabilities. We have processes in place to take necessary actions if findings are reported.

After an extensive audit, Exact Online obtained the Zeker-OnLine quality mark in September 2019. With this certificate, the software demonstrably meets the standards for reliability, safety, functionality and continuity of service. Entrepreneurs and accountants can rest assured that Exact Online is reliable business software. You can find more information about this certification at

Safest datacentres in the world

For Exact Online, Exact Purchase to Pay and Exact Expense Management on the Exact Cloud, we work together with Amazon Web Services (AWS), the largest public cloud provider in the world. Our data is stored on AWS datacentres in Ireland, known to be the safest in the world. Working with our solutions is always via a secure connection. It is encrypted according to industrial standards. Not only for Exact Online, Exact Purchase to Pay and Exact Expense Management or Exact Cloud we follow strict security guidelines and implementation, but we also demand (and ask for prove) compliance to these security standards from all suppliers we use in services to our clients.

For the Exact Globe, Synergy, Financials software, Exact is also independent audited and security (pen) tested, similar to Exact Online. The audit resulted in an independent assurance statement (ISAE 3402).

Exact Cloud Services provides hosting for Exact Globe, Synergy, Financials and Business Software on the Exact Cloud. A external auditor has provided Exact Cloud Services with the ISAE 3402 Type II assurance report. For Exact Cloud Services we also have an ISO270001 certificate. The ISO 27001 certificate guarantees the security and continuity of the Exact Cloud. This makes the Exact Cloud demonstrably a safe and future-proof choice.

Request information

All assurance reports can be requested via your support channel. Other important security questions can be sent to

Helpful links

How can you control your security for ExactOnline

How do we do security at Exact Online

EN Select your country