Skip to content
Independently verified · Quarterly re-audit
EU VETTED

Stackfield

VERIFIED
Project management · Germany
Founded 2012 · stackfield.com ↗

Munich-based E2E-encrypted collaboration suite (Stackfield GmbH, 2012); ISO 27001 + BSI C5, DE data centres, AES-256 in browser.

In short

Stackfield, in the Project management category, is an EU-owned service with Germany as its hosting location and no identified CLOUD Act exposure.

Assessment notes

Stackfield GmbH (Munich, Maximiliansplatz 17; HRB 199536; founded 2012 by Christian Mudra + Christopher Diesing; ~10,000 customer companies) combines team chat, tasks, projects, files, whiteboards, and video conferencing in a single workspace with end-to-end AES-256 encryption applied in the browser before transmission so vendor employees cannot read content; ISO/IEC 27001 + BSI C5 certified, all data stored in German data centres only, founder-led, EU-owned with no CLOUD Act exposure.

CLOUD ACT
OWNERSHIP
SUB-PROCS
not disclosed
Verified signals
Jurisdiction
  • EU / adequacy hosting
  • EU / adequacy operator
  • No US CLOUD Act exposure
Transparency
  • Public DPA
  • Sub-processors disclosed
  • Open-source clients
  • Third-party certification
JUMP TO
OVERVIEW

About Stackfield

Stackfield is the Munich-based end-to-end-encrypted team-collaboration platform operated by Stackfield GmbH (Maximiliansplatz 17, 80333 Munich; HRB 199536 Local Court Munich; VAT DE283871998; managing director Cristian Mudure). Founded in 2012 by Christian Mudra and Christopher Diesing, the company serves 10,000+ companies with a single workspace that combines team chat, tasks, project management, document sharing, whiteboards, video conferencing, and email forwarding, positioned explicitly as the European E2E-encrypted alternative to Slack, Microsoft Teams, Asana, and Basecamp.

Compliance posture is among the strongest in the project-management category. The product is end-to-end encrypted with AES-256 applied in the browser before content is transmitted, meaning even Stackfield's own employees cannot read customer messages, files, or tasks. The company holds ISO/IEC 27001 certification and BSI C5 (the German government's Cloud Computing Compliance Criteria Catalogue), the same certification combination carried by Hetzner, IONOS, and STACKIT in the hosting category. All customer data is stored exclusively in German data centres with location-independent backup. In 2024 Stackfield raised a double-digit-million investment to scale the privacy-first product; founder-led, with no US-VC / US-PE involvement on record.

Pricing in EUR is straightforward: Starter €9/user/month (up to 10 users, 6 GB storage, 3 rooms); Business €14/user/month (unlimited rooms and users); Premium €18/user/month (most popular: whiteboards, email forwarding, full video conferencing); Enterprise €28/user/month (SSO, API provisioning, unlimited organisations). 14-day trial of Premium with no credit card; AI add-on €3.90/user/month; Office editing add-on €2.40/user/month from Premium up. Best fit: German and DACH organisations that need a Slack/Teams replacement with E2E encryption by default, BSI C5 / ISO 27001 evidence for procurement, and a Munich-rooted vendor. Combined with Nextcloud (self-host) and MeisterTask (DE, listed below), Stackfield forms a strong "Microsoft 365 alternatives" cluster.

SUB-PROCESSORS

Sub-processor map · not disclosed

Vendor does not publish a sub-processors list. Schrems II compliance and CLOUD Act exposure cannot be independently verified without it.
CERTIFICATIONS

Frameworks & certifications

ISO/IEC 27001
ACTIVE
C5
ACTIVE
FEATURES

Capability matrix

Workflow automation Yes
Kanban boards Yes
Gantt / timeline Yes
Time tracking Yes
Task dependencies Yes
Guest / client access Yes
Free tier No
INTEGRATION & ACCESS
REST API Yes
SSO (SAML / OIDC) Yes
COMPLIANCE & GOVERNANCE
Audit log Yes
Self-host / on-prem option No
PRICING

Pricing & tiers

PAID
from €9/mo
View pricing page ↗
PUBLIC DOCUMENTS

Public documents

DPA accessibility is not scored for this listing. Self-hosted or local software, vendors that are not data processors, and products carrying a SecNumCloud, EUCS or BSI C5 certification are not assessed on DPA accessibility. See How we assess.
Vendor does not publish a sub-processors list. Schrems II compliance and CLOUD Act exposure cannot be independently verified without it.
  • Data Processing Addendum (DPA)
    — not assessed
    n/a
  • Sub-processors list
    — missing
    missing
  • Terms of Service
    www.stackfield.com/terms…
    Open ↗
ALTERNATIVES

Alternatives in this category

Baserow
Netherlands · Founded 2020
EU-BASED

Dutch open-source no-code database (Baserow B.V., Amsterdam, KvK 81129254, 2020), MIT-licensed, self-hostable, SOC 2 + HIPAA, Airtable replacement.

Public DPA Sub-processors Open source
FROM
CLOUD ACT
MINOR
factro
Germany
EU-SOVEREIGN

German PM software (factro by Schuchert Managementberatung, Bochum), 100% Made in Germany, free tier for up to 10 users.

Public DPA Sub-processors Open source
FROM
CLOUD ACT
NONE
HansaChat
Germany
EU-BASED

Lübeck-based company chat with flat per-workspace pricing (not per-seat); Hetzner DE hosting only, all-EU sub-processors, SSO on all plans, a Slack alternative.

Public DPA Sub-processors Open source
FROM
€99/mo
CLOUD ACT
MINOR