+49 (0) 89 2154 7447
info@brandcrock.com
Google
★★★★★
brandcrock-logo

Security Compliance at BrandCrock

For many companies, information security is part of vendor evaluation, project approval, and long-term collaboration. BrandCrock is certified according to ISO/IEC 27001:2022 and follows an internationally recognized standard for information security management.

The certification reflects a structured framework for handling security-related risks, responsibilities, and internal processes. It supports a more systematic and traceable approach to information security across day-to-day operations.

iso-certified-hero-banner-w600

What ISO/IEC 27001:2022 means at BrandCrock

ISO/IEC 27001:2022 defines requirements for an Information Security Management System. At BrandCrock, this means that information security is handled within a structured organizational framework rather than through isolated measures or informal routines.

This includes defined responsibilities, documented processes, risk assessment, and the regular review of relevant controls and procedures. Information security is therefore treated as part of ongoing operations and operational quality, not only as a topic for individual situations.

iso-certified-what-this-means-for-clients-and-partners-w680

What this means for clients and partners

For clients and partners, the certification is a relevant trust signal. It shows that information security is handled in a structured and traceable way, especially in projects involving sensitive data, system access, integrations, and ongoing operational responsibility.

This does not replace individual project assessments or procurement checks. It does, however, provide a more reliable basis for collaboration where security-related topics require clear ownership, documented procedures, and a systematic approach to risk handling.

If you would like to understand how this fits into the broader company context, you can also visit  About BrandCrock.

Information security in project and product contexts

At BrandCrock, information security is not limited to client delivery. It also applies in the context of proprietary digital products such as BrandPos, where structured processes, clear responsibilities, and a systematic handling of security-related topics form part of the operational framework.

The reference to BrandPos describes the security and governance framework within BrandCrock. It should not be interpreted as a separate product certification unless explicitly stated.

This broader operational view is particularly relevant where project work, platform responsibility, and long-term technical support overlap.

iso-certified-Information-security-in-project-and-product-contexts-w680
iso-certified-what-the-certification-does-and-does-not-mean-w680

What the certification does and does not mean

The certification reflects a structured approach to information security, including responsibilities, documented procedures, and a risk-based management model.

It does not mean that risk no longer exists, nor does it automatically confirm compliance with every legal or regulatory requirement. It also does not replace the need to assess project-specific or product-specific requirements individually.

What it does mean is that information security is managed within a defined framework and reviewed on an ongoing basis.

Where this matters in practice

This is particularly relevant in projects that involve ongoing access, connected systems, operational responsibility, or complex delivery structures. In these contexts, information security is closely linked to process reliability and technical governance.

This is one reason why the topic is also relevant across services such as  Shopware Support  and  Shopware Integrations, where structured operations, system access, and stable collaboration matter in day-to-day work.

iso-certified-where-this-matters-in-practice-w680 copy
iso-certification-certification-details-side-image-w-234

BrandCrock GmbH

Standard: ISO/IEC 27001:2022

Status: Active

Scope:

The ISMS covers the design, development, deployment, and support of the BrandPOS platform provided by BrandCrock GmbH. This includes all processes, information systems, personnel, and infrastructures involved in delivering the platform to customers. The scope encompasses our headquarters located at Max-Planck-Straße 5, 85716 Unterschleissheim, Germany and all data processing facilities that support platform operations.

Company Address:

Max Planck Street 5, 85716 Unterschleißheim, , Germany 

iso-certified-certificate-details-w436

Certification Details

Certificate Number :  DKU75TSI20260316DEUIS1J6

Scheme : ISO 27001:2022

Original Issue Date : 16 Mar 2026

Current Issue Date : 16 Mar 2026

Validity Period : 3 Years

First Surveillance Date : 16 Feb 2027

Second Surveillance Date : 16 Feb 2028

Expiry Date : 15 Mar 2029

Accreditation : IAS

Country : Germany

icon-certification-related-pages-icon-w70

Related pages

Depending on your role and requirements, the following pages may also be relevant if you would like more context on BrandCrock, ongoing collaboration, or service-related topics:

About BrandCrock

Shopware Support

Shopware Integrations

Contact us

iso-certification-related-pages-icon-w70

Discuss security and compliance requirements

If you need more information about the certification, its scope, or security-related requirements in project or product contexts, feel free to contact us.

Get in Touch
Scroll to Top