In the following, we would like to answer the most important questions in connection with existing data protection regulations.
The security of online data in AbaNinja is guaranteed and is continuously checked and updated. Several tools are available in AbaNinja so that the companies concerned can comply with the regulation. We will expand these tools in the future and provide new options.
All of the client's content in Ninja is hosted on modern and secure cloud data storage in Switzerland.
The servers for Ninja are located in data centres in Switzerland that are certified according to ISO 9001, ISO 14001, ISO 27001, ISO 45001, ISO 50001, ISAE 3402, PCI/DSS Compliant. The connection is encrypted. Regular back-ups (data backups) of the customer's data are carried out. The technical and organisational measures taken correspond to the state of the art and are continuously adapted to new technological developments.
Within Ninja, there are various options for deleting data, which the customer can make use of themselves. However, this does not apply to certain data for bookings within Ninja accounting, which are subject to a legal obligation to keep records according to the Federal Ordinance on the Preservation of Corporate Books (OPCB) and are required for this purpose. All data can also be deleted at the instruction of the client.
It is possible to download data from all Ninja applications in the common formats (such as PDF, Excel). For security reasons, no "database dump" is offered.
What are the security standards regarding the bank connections?
The usual approval processes are used with the banks. The online interfaces to the banks are subject to strict security requirements and have also been checked by an external security company.
AbaNinja communicates with AbaSky. How does this communication work with respect to security and are the requirements?
The same requirements apply to the interface to Abacus Financial Accounting as to the AbaWeb model. We recommend an upstream web server, etc.
An AMID with a corresponding subscription must be created on AbaSky, which is required together with the Saas user for the link. Depending on the installation, AbaWeb Support can provide a more precise assessment and information.
Where can I find the Ninja Data Processing Agreement?
The Data Processing Agreement (DPA) is part of the GTC of Ninja and is automatically completed with the acceptance of the GTC. The relevant contractual documents can be viewed here:
Third parties are also involved in order to make the best use of the application. These include those who have been commissioned by us in order to be able to use Ninja in the best possible way. They can be seen in our list of other processors, which is an appendix to the DPA. Other possibilities exist to connect the applications to third party providers. Here, the customer expressly agrees to such data transfers when connecting a service to the third party provider and when using them.
Until 31.10.2023, questions regarding data protection can be sent to
After 01.11.2023, questions regarding data protection can be sent to