KNIME Pro & Team: Data Security and Privacy

Your Data. Secure, Private, and Compliant.

Knime is committed to providing safe and secure software. KNIME Pro and Team on the KNIME Community Hub are designed to meet the industry-standard security measures and remain under your control. 

Hosting & Infrastructure

• European hosting: All KNIME Pro and Team data is hosted on Amazon Web Services (AWS) in Frankfurt, Germany, under European jurisdiction. At present, it is not possible to choose a different hosting region.
  
• Scalable, resilient architecture: KNIME Community Hub is a highly available, multi-tenant platform running on Kubernetes (EKS), designed to scale securely as your needs grow.
  
• Private space separation: Each Pro user and each Team has their own private spaces, logically and technically separated from others. Your data, workflows, and executions remain accessible only to you (or your team), unless you intentionally make them public.

Data Protection by Design

• Encryption at rest and in transit:  All workflows, files, and executed jobs are encrypted by default — stored securely in AWS S3 with server-side encryption (SSE-S3) and protected in transit with TLS.
  
• Isolated execution environments: Every workflow runs in a dedicated executor, isolated from other users through Kubernetes policies and network controls, ensuring strong separation of processes.
  
• Workflow separation: Each Pro user or Team has its own logically separated space. Only you (or your team members) can access the data inside, and nothing is shared with others unless you explicitly publish it.

Compliance & Certifications

• ISO 27001 certified: KNIME’s security management system follows globally recognized best practices, independently audited for compliance. The ISO 27001 certification is available on request: teamssupport@knime.com.
  
• GDPR compliant: All data processing follows strict GDPR rules.

We follow strict GDPR rules to keep your data secure. Legal bases for processing are clearing defined in our Privacy Policy. Data retention periods are applied appropriately to ensure transparency and accountability. Your workflows and files remain under your control at all times. 

For customers processing personal data within KNIME Pro and Team,  a ready-to-use Data Processing Agreement (DPA) can be signed here.

Operational Safeguards

• Penetration testing: Independent security auditors conduct penetration tests at least twice a year, and whenever major system changes are introduced.
  
• Secure software lifecycle: KNIME follows secure development and deployment practices aligned with ISO 27001 requirements.
  
• Continuous monitoring: KNIME Logs monitoring and alerting, to support both security and availability.

Additional topics: 

• AI Assistant (K-AI)
  • K-AI, KNIME’s AI-powered assistant, uses OpenAI’s large language models under the hood. Data may be processed outside the EU (U.S.) and prompts may be retained by OpenAI for up to 30 days. OpenAI is contractually prohibited from using your data for model training. 
  • K-AI is strictly opt-in: K-AI is always optional, and using KNIME Pro or Team does not require enabling it. Workflows and sensitive data are not processed unless you actively interact with the assistant.
    
• Fixed Executor IP for Firewall Whitelisting
  • KNIME supports IP whitelisting to connect to restricted databases or services. All executors in KNIME’s cloud share a fixed IP, which your IT team can whitelist.
  • Because this IP is shared across all Community Hub executors, whitelisting alone is not recommended. For stronger security, use it together with mechanisms like credential-based authentication, and rotate credentials regularly. Learn more.

Your Assurance of Trust

We understand that you handle important business data, and we’ve built KNIME Pro and Team to provide robust security practices and controls to support safe and responsible workflows.

For more details: knime.com/trust-and-security

Learn More

Trust & Security page

For ISO 27001 certification request and more details: teamssupport@knime.com