HEINI
DE Book demo Choose plan
Start Features
Solutions Managing directorsCFO & financeIT leadershipTax advisorsTradesFreight & logisticsAll industriesEnterprise
Pricing Integrations
Customers All customersPSE TechnikKnowledge staysSupplier with HeiniGroup & holdingAgencies & partners
Resources All resourcesFAQBlogCustomers & casesStories
Login Book demo Choose plan
Federation · proprietary system

9:00 a.m. Vienna is connected — SAP in Munich, Odoo in Hamburg, legacy in Vienna. Three data spaces, one thread.

Many sites. One approval. No mixing.

IT leadership rolls out the fourth site. Not as a migration project — as its own single-tenant on Hetzner in Falkenstein, connected via the proprietary federation. SAP stays SAP. Odoo stays Odoo.

The group CFO opens the holding view. Open items from five subsidiaries, prepared — with source, site and reason. He taps Approve for consolidation. Only then do figures flow into the group report.

The data protection officer checks separation: each subsidiary its own data space, RBAC from SSO, audit trail exportable across sites. No shared storage, no US-cloud risk.

A procurement case in Munich affects Hamburg. HEINI prepares cross-site approval — who sees what is wired in. Data is never quietly mixed.

9:30 a.m. Done. Group depth without group weight — separate where it matters, connected where it helps.

Federation connects. You decide — site by site.

HerzstückSingle-tenant per siteEnterprise tier Available today
Talk to Daniel → Security & DPA
heini · federation rollout
Clarify DPA & SSO architecture check · 30 min
Single-tenant per site Falkenstein · own encryption
Activate adapters Vienna · legacy ERP
Connect federation proprietary layer
Approval layer live holding view active
Site by site · no big bang

Federation is a proprietary system: sites and subsidiaries connected, data spaces separate, consolidation only on approval.

Federation is a proprietary system. The connection layer between sites — separate data spaces, controlled approval, audit-proof logging. Enterprise tier only.

Plan matrix Enterprise overview — group, SSO, DPA, audit → Story Case study — group & holdings →
Why holdings fail

Four typical group traps — federation addresses them directly.

ERP unification from the top

“Everyone on SAP” sounds clean — takes years, eats budget and fails on subsidiary resistance. Heterogeneity stays reality.

Mixing data means liability

The DPO says no to shared tenants. Each subsidiary needs its own data space — and still an overview.

Consolidation in Excel

Quarterly figures from five systems by email and spreadsheet — error-prone, not audit-proof, every quarter anew.

Approvals without a thread

What may happen across sites lives in process PDFs. Nobody sees what awaits approval — until the auditor asks.

Herzstück federation

The connection layer groups need.

Federation is a proprietary system: it connects sites in a controlled way — without mixing data, without parallel shadow IT. Every cross-site approval is logged traceably.

Herzstück architecture · enterprise tier · live on rollout.

Single-tenant per site

Each subsidiary its own stack.

Each site runs in its own single-tenant on Hetzner in Falkenstein — own encryption, own data space. Federation sits above, mixes nothing.

Strict tenant separation · privacy by design.

Heterogeneous ERPs

SAP, Odoo, legacy — side by side.

HEINI docks via open and custom adapters. No vendor lock, no big bang. The norm in groups is diversity — federation is built for it.

Odoo · SAP · Lexware · bespoke — connected, not replaced.

Approval layer

One view. Many data spaces.

The holding sees what awaits approval — per site, per case, with reason. Consolidation is prepared, not forced. The last click stays human.

Consolidation on approval — never silent, never mixed.

SSO & RBAC

Rights from your identity management.

Single sign-on takes roles 1:1 — no parallel permission system per subsidiary. Reviewer mode for audit and accountants included.

SSO · RBAC · reviewer mode in enterprise tier.

How you roll out federation
01

Inventory sites

ERPs, adapters, roles — what each subsidiary uses today, without unification fantasy.

02

Single-tenant per subsidiary

Own stack, own encryption — federation connects only when the data space stands.

03

Activate approval layer

Holding view, consolidation, audit — all via the proprietary federation layer.

In depth

Federation in depth.

Herzstück architecture

Federation is a proprietary system — the controlled connection layer between tenants.

Separate data spaces

Strict separation per site — no shared storage, no silent copies.

Consolidation prep

Figures and cases prepared across sites — flow only after approval.

Roles per site

RBAC tenant-separated: each role sees only what it may see.

Custom adapters

Special ERPs and legacy — enterprise tier, documented, no vendor favoured.

Audit-proof log

Every cross-site action with time, reason, approval — PDF for auditors.

Quarterly audit packs

Export across sites — for internal audit, external audit, privacy.

Holding dashboard

What waits, where it sticks, which site — one board instead of five spreadsheets.

Supply-chain federation

Partners on HEINI: needs and BOMs more direct — expansion in progress, core stands.

Enterprise tier

Federation, SSO, SLA (Annex D), DPA, dedicated CSM — on request.

Trust

Separate where it matters. Connected where it helps.

Federation is a proprietary system on single-tenant architecture in Falkenstein. Strict per-tenant separation, role-based access, audit-proof log across all sites.

Proprietary federationServers: FalkensteinSSO · DPA on request

Federation — enterprise on request.

Herzstück multi-site architecture with SSO, SLA (Annex D) and dedicated CSM. Daniel Heinen leads the demo on your structure.

Contact Enterprise →
FAQ

What IT leadership and privacy ask first.

What is federation?

The proprietary connection layer between HEINI sites: separate data spaces, controlled approval, consolidation prepared — never mixed.

Is federation proprietary?

Yes. Federation is a proprietary system — the architecture that connects sites without mixing data.

How many sites are possible?

Federation is designed for holdings and groups with multiple sites — in the enterprise tier, scope by agreement.

Different ERPs per site?

Yes — and that is the norm. Heterogeneous ERP landscapes are the starting point, not the exception.

How is data separated?

Each site has its own single-tenant and fully separate data space. Federation connects in a controlled way — without sharing storage.

How does consolidation work?

HEINI prepares figures and cases across sites. Only what you approve flows into the group report.

Where is the data?

Operational data on Hetzner servers in Falkenstein, Germany — single-tenant. For AI inference on the SaaS platform, EU sub-processors with US parent companies may apply per the DPA; the marketing website (Umami) has no third-country transfer in normal operation.

Do I need the enterprise tier?

Yes. Federation, SSO, SLA, DPA and custom adapters are part of the enterprise tier — on request.

Let’s talk about your sites.

30 minutes on subsidiaries, ERPs and federation rollout — Daniel Heinen leads the demo himself.

Talk to Daniel → Security & DPA