The Visma server infrastructure is built on secure public cloud solutions. We also use our own data centres facilitated by Visma IT & Communications. Data processing takes place in Europe and follows local European regulations and requirements regarding protection of data privacy. In order to comply with national legal requirements, separate data storage is in addition provided in Norway and Sweden (see FAQ for details on national requirements).

  • Locked and alarmed with 24/7 surveillance.
  • External and internal video monitoring and traceability of access to the premises.
  • Redundant climate control with environmental monitoring of gas, moisture, heat and water.
  • Fire alarm with automatic fire fighting equipment.
  • Uninterruptible power supply regularly tested against fictional power outages.
  • For public cloud solutions, we use the vendor's data centres for storage of information. They run around the clock and ensure operations by protecting against power outage, physical intrusion and network outage. These data centres conform to recognised industry standards of physical security and reliability.

Visma stores and processes HRM customer data at the following data centres.

Can't find what you're looking for? eAccounting, Cloud ERP and numerous other products and services are now located at:

Data centreLocationKey products / product linesData centre key compliance
Visma IT&C data center Norway, Oslo
  • Visma Cloud Platform (
  • Financials
  • HRM
  • Common assets
  • Visma FLYT
    • Visma Flyt Arkiv
    • Visma Flyt BVV
    • Visma Flyt Sampro
    • Visma Flyt Skole
    • Visma Flyt PPT
  • Visma CLM
  • Visma Opic
  • Visma Payroll FI
  • Visma Proceedo
  • Visma TendSign
  • ISO 9001
  • ISO 20000-1
  • ISO27001
  • ISAE 3402 SOC1
Visma IT&C data center Sweden, Växjö
  • Visma Affärslösningar
  • Visma Cloud Platform (Visma Online)
  • Visma Personec P
  • ISO 9001
  • ISO 20000
  • ISO 21500
  • ISO 27001
Amazon Web Services (AWS) Ireland, Dublin + Germany, Frankfurt
  • Visma DigitalBooker
  • Visma e-conomic
  • Common assets
  • Visma Flyt Kindergarten
  • Visma InSchool (Vsware)
  • Visma eAuction
  • Visma CLM
  • EasyCruit
  • Enterprise BI
  • ISO 9001
  • ISO 27001
  • ISAE3402 SOC1, SOC2
EU-U.S. Privacy Shield Framework certified,
EU Standard Contractual Clauses (EU SCC)
Microsoft Azure Ireland, Dublin + Netherland, Amsterdam
  • Accounting Office solutions
  • Common assets
  • Visma eAccounting
  • Visma WebFaktura
  • ISO 9001
  • ISO 27001
  • ISAE3402 SOC1, SOC2


  • Visma Cloud Platform (Visma Online)
  • Visma eAccounting
  • ISO 9001
  • ISO 20000-1
  • ISO 27001
  • ISO 14001

Denmark, Copenhagen

Visma e-conomic
  • ISO/IEC 27001:2005
  • ISO 22301
  • BS 25999-2:2007
Elisa Appelsiini Finland Visma Netvisor
  • ISAE 3402
  • ISO 9001
  • ISO 20000-1
Rackspace UK, Berkshire Visma Severa
  • ISO 27001
  • ISO 9001
  • ISAE 3402 SOC1, SOC3
Tieto Sweden, Stockholm
  • Visma Affärslösningar
  • Visma Personec P
  • ISO 9001:2008
  • ISO 14001:2004
  • ISO/IEC 27001:2005
DGC One Sweden, Stockholm Visma Recruit
  • ISO 9001
  • ISO14001
  • ISO 20000


Q: Is it legal to store data outside of my country?

In general, yes. However, some countries have rules that specify special requirements (especially for accounting and payroll data). Where applicable, the information is transferred and stored in separate data centres in Norway, Sweden and Denmark in order to comply with the national rules.

For an overview of the various requirements, see below:


Primary documentation:

Recorded information or documentation connected to the Balance Sheet.
Example: Invoices, receipts and expense reports from employees.

Secondary documentation:

Documents that function more as a “supplement” (secondary evidence).
Example: Contracts/agreements, outgoing packaging slips and time sheets.

For Norway:
  • Primary and secondary documentation shall be stored in Norway.
  • The documentation may be stored in the Nordic countries under the (main) condition that the bookkeeping entity (Visma Customer) inform the Directorate of Taxes in writing as to what accounting materials are stored abroad, where the accounting materials are stored, and how the inspection of bodies may access the accounting material at any given time.
  • If the documentation shall be stored outside the Nordic countries, each company must apply to the Tax Inspectorate for dispensation.
  • The primary documentation shall be stored for 5 years.
  • The secondary documentation shall be stored in 3.5 years.
For Sweden:
  • Primary and secondary documentation shall be stored in Sweden.
  • The documentation may be stored in the EU, Norway or Iceland under the condition that the bookkeeping entity (Visma Customer) inform the Directorate of Taxes in writing.
  • The primary and secondary documentation shall be stored for 7 years.
For Finland
  • Primary and secondary documentation shall be stored in Finland or another EU country.
  • Primary documentation shall be stored for 10 years.
  • Secondary documentation shall be stored for 6 years.
For the Netherlands
  • Primary and secondary documentation shall be stored in the Netherlands or another EU country.
  • Primary and secondary documentation shall be stored for 7 years.
For Denmark
  • Primary and secondary documentation shall be stored in Denmark.
  • Primary and secondary documentation shall be stored for 5 years.

Q: Where is data stored when integrating to other services / assets?

See the data centre table above.

Q: What about storage or processing of data outside of the EU/EEA?

All data centres hosting Visma's software are located in the EU/EEA. In the case of US based providers (Amazon Web Services, Microsoft Azure and Rackspace), we host and process data only in their European data centres. Furthermore, Visma only contracts US based Data processors and Data Sub-processors that use EU Standard Contractual Clauses in the contracts, and we follow closely the development of the Privacy Shield framework.

Please see the data centre table above. For further information about data centres, certifications, or data protection, please contact us at

Vision, mission and values

We work towards:
Providing IT solutions that keep our customers one step ahead of their competition.

We are here to:
Promote competitiveness and contribute to the creation of growth and effectiveness for our customers.

We live by:
Respect, reliability, innovation, competence and team spirit.

Development process

Visma strives to develop software according to current development best practices. We keep up to date with industry trends and predictions, as well as planned and possible disruptive changes.

We have many teams developing software in Visma, therefore there are some differences between the teams, both in how the teams work and in how fast they deliver software to our customers.The number of team members, the customer segment and the service or product the team is working on, determines how they work. The teams release changes and new versions to customers at varying intervals, ranging from daily updates when needed to longer intervals.

We hold the quality of our software as our highest priority, including security and performance of the service. Customer involvement during the development stage is a crucial aspect in order for us to always be in tune with our customers’ needs, and be able to deliver the most important features needed by our customers.

All of our services are continuously monitored, and if any deviations are detected and have an impact on one or several of our customers it is reported on our status sites (e.g. for general products or for the product line).

Incident management

An incident is defined as "any event which is not part of the standard operation of a service and which causes or may cause an interruption to, or a reduction in, the quality of that service".

When we receive notification of an incident in our system, either from our customers who report a deviation, or from our internal resources (personnel or monitoring), our teams immediately act upon this information and try to classify the incident severity. If of high severity, we follow an escalation process in order to reach the correct team and fix the deviation as soon as possible.

Compliance to standards and certificates

In order to make sure that we are following the best development practices, we always strive to comply with industry standards and have regular audits by approved external organisations to ensure these are followed to the right extent.

We use cookies to collect information on your interaction with our website and combine this with the data you provide us to build a profile so we can show you content tailored to your interests. By accepting, you allow us to collect and process your personal information as described here.