HEINI
DE Book demo Choose plan
Start Features
Solutions Managing directorsCFO & financeIT leadershipTax advisorsTradesFreight & logisticsAll industriesEnterprise
Pricing Integrations
Customers All customersPSE TechnikKnowledge staysSupplier with HeiniGroup & holdingAgencies & partners
Resources All resourcesFAQBlogCustomers & casesStories
Login Book demo Choose plan
Enterprise · group & holdings

8:00 a.m. Seven sites, four ERPs — and the holding has an overview without mixing data.

Your stack stays. HEINI connects the sites.

IT leadership opens the federation board. Munich runs SAP, Hamburg Odoo, Vienna the grown legacy stack — each site in its own single-tenant on Hetzner in Falkenstein. HEINI sits at each one, mixes nothing.

The CFO needs Q1 numbers for the board. HEINI prepared consolidation — receipts, open items, three variances with reasons. Nothing flows into holding figures without approval.

The data protection officer asks about US cloud and data residency. Answer in one sentence: single-tenant in Germany, DPA on request, SSO from existing identity management — no parallel role system.

31 items await approval across sites. IT sees per subsidiary what is waiting. The CFO approves consolidation. The DPO gets the quarterly audit pack as PDF.

8:45 a.m. Done. What used to eat weeks in Excel and email chains is prepared — separate where it matters, connected where it helps.

HEINI connects. You decide — site by site.

Proprietary federationSSOSLA (Annex D)DPA Available today
Talk to Daniel → Security & DPA
heini · group architecture
Munich SAP · single-tenant
Hamburg Odoo · single-tenant
Vienna legacy · rollout
Prague legacy · single-tenant
Federation proprietary
Approval queue 31 items
Q1 consolidation CFO approval
7 sites · 4 ERPs · 0 mixed

HEINI connects group sites via proprietary federation — separate data spaces, one approval layer, nothing important without your OK.

Enterprise tier: 150,000 actions / month · SSO · SLA (Annex D) · federation · custom adapters · dedicated CSM · quarterly audit.

Plan matrix Federation in depth — multi-site for holdings → Story Case study — group & holdings →
What slows groups down

Four things that cost holdings time and nerves.

Heterogeneous ERP landscape

Every subsidiary a different system — SAP here, Odoo there, legacy beside it. Consolidation today means Excel, emails, weeks.

Audit & compliance burden

GoBD, GDPR, ESPR, supply-chain law — documentation across sites, by hand. Auditors want receipts, not slide decks.

Data residency & IT security

Operational data in Germany, DPA on request. The data protection officer needs clear answers — SSO, tenant separation, AI sub-processors in the DPA, not “we will see".

Consolidation without overview

The holding needs figures and cases from all subsidiaries — without disempowering sites and without mixing data.

Federation

Many sites. Separate data spaces.

Each subsidiary runs in its own single-tenant stack. HEINI connects them via federation — roles see only what they may see. Consolidation is prepared, not forced.

7 sites · 4 ERPs · 0 mixed data spaces.

Security

SSO, DPA, ISO — what IT demands.

Single sign-on from your identity management, data processing agreement on request, ISO 27001:2022 and BSI C5 Type 2 via Hetzner. Own encryption per account — on cancellation the key is deleted.

SLA (Annex D) · DPA on request · servers Falkenstein.

Audit & compliance

Audit-proof across all sites.

Every action in the log — with time, reason, approval. Quarterly audit packs, reviewer mode, PDF for the auditor. Independent second check that nothing was changed afterwards.

GoBD preparation · GDPR Art. 17 · ISO 42001 in preparation.

Custom adapters

SAP stays SAP. Odoo stays Odoo.

HEINI docks via open adapters — reads along, writes only on approval. No ERP replacement, no migration project. Custom adapters for edge cases in the enterprise tier.

Heterogeneous ERPs side by side — HEINI connects, does not replace.

Holding view

One overview. No disempowerment.

What is needed across sites, HEINI prepares — consolidation, open items, compliance status. The holding approves; each subsidiary keeps its data space.

31 items for approval today — 3 with a query back to the site.

How HEINI enters your group
01

Clarify DPA & SSO

Architecture check in 30 minutes — privacy, identity management, site list.

02

Site by site

Activate adapters, connect ERP, set colleague rights — each subsidiary its own stack.

03

Activate federation

Separate data spaces, one approval layer — consolidation prepared, never mixed.

In depth

What enterprise teams need in depth.

Federation

Multi-site for holdings: heterogeneous ERPs, separate data spaces, consolidation on approval.

SSO & RBAC

Rights 1:1 from your identity management — no parallel role system per subsidiary.

Single-tenant per site

Own compose stack, own encryption — no shared infrastructure.

Custom adapters

SAP, Odoo, Lexware, bespoke systems — documented, no vendor favoured.

Audit-proof log

Every step with time and reason — PDF for tax auditors and external audit.

Quarterly audit packs

Reviewer mode for accountants and internal audit — exportable across sites.

Per-colleague rights

Per role and site: what is taken on and what is watched — granular control.

ESPR & supply-chain law

Product passport and supply chain prepared — address EU duties today, not in a 2027 panic.

Dedicated CSM

A fixed contact for rollout, adapters and SLA — not an anonymous ticket system.

SLA (Annex D)

Availability in the individual enterprise contract (Terms Annex D) — not the default without a bespoke SLA.

Trust

Single-tenant on Hetzner in Falkenstein — operational data in Germany. No shared data space.

Single-tenant on Hetzner in Falkenstein, ISO 27001:2022 and BSI C5 Type 2, own encryption per account. Every step in the audit-proof log — approval principle in code, not only in the contract.

Servers: FalkensteinISO 27001:2022 · BSI C5DPA on request

Enterprise — on request.

Scope depends on sites, adapters and SLA. Daniel Heinen leads the demo himself — with your real requirements.

Contact Enterprise →
FAQ

What enterprise teams ask first.

What does the enterprise tier include?

150,000 actions per month, SSO, SLA (Annex D), DPA, federation for subsidiaries, custom adapters, quarterly audit and a dedicated contact.

What does enterprise cost?

On request — scope depends on sites, adapters and SLA. We clarify your requirements in the demo; list price from €12,900 net per month as orientation.

Must we unify our ERPs?

No. Heterogeneous ERP landscapes are the norm — HEINI connects via adapters, it does not replace.

Where is the data?

Operational data on Hetzner servers in Falkenstein, Germany — single-tenant. For AI inference on the SaaS platform, EU sub-processors with US parent companies may apply per the DPA; the marketing website (Umami) has no third-country transfer in normal operation.

How does federation work?

Each site has its own stack and data space. Federation connects them in a controlled way — roles see only their own, consolidation runs via approval.

How does SSO integration work?

HEINI takes rights 1:1 from your existing identity management — SAML/OIDC by agreement in the enterprise rollout.

Do we get a DPA?

Yes, on request — including sub-processor list and technical annex on hosting and encryption.

How long does rollout take?

The first site often in a few days. Federation and custom adapters scale site by site — no big-bang project.

Who leads the demo?

Personally with Daniel Heinen — 30 minutes on your structure, sites and ERPs. No sales team in between.

Let’s talk about your group.

30 minutes on your structure — Daniel Heinen leads the demo himself.

Talk to Daniel → Security & DPA