CSA STAR Registry

NIZU OÜ is a private limited company incorporated under the laws of the Republic of Estonia (VAT: EE102264113), headquartered in Tallinn, Estonia. NIZU develops and operates NIZU WorkSpace, a subscription-based cloud workspace platform delivered as a Software-as-a-Service (SaaS) offering to business clients across the European Union. NIZU WorkSpace provides isolated, multi-tenant digital workspace environments, enabling clients to manage their teams, data, and operations through a secure, cloud-based platform. The service is delivered on infrastructure provided by Hetzner GmbH (Germany), operating within the European Economic Area. NIZU OÜ operates in full compliance with the General Data Protection Regulation (EU) 2016/679 (GDPR), the Estonian Personal Data Protection Act (IKS), and the ePrivacy Directive. A designated Data Protection Officer (DPO) oversees all data protection activities. NIZU acts as a Data Controller for platform-level user data and as a Data Processor under Article 28 GDPR for data processed within client workspaces. Security is foundational to NIZU's operations. The platform enforces encryption at rest (AES-256) and in transit (TLS 1.2+), multi-factor authentication for administrative access, role-based access control, tenant isolation, and continuous vulnerability management. NIZU maintains documented policies covering incident response, business continuity, change management, cryptography, and supply chain risk, all reviewed at least annually.