Skip to content
Independently verified · Quarterly re-audit
EU VETTED

Uniqkey

VERIFIED
Password managers · Denmark
Founded 2017 · uniqkey.eu ↗

Danish business password & access manager (Uniqkey A/S, Copenhagen), Danish-hosted, zero-knowledge E2E, ISO 27001, EIFO-backed, NIS2-focused.

In short

Uniqkey, in the Password managers category, is an EU-owned service with Denmark as its hosting location and no identified CLOUD Act exposure.

Assessment notes

Uniqkey is a Danish business password-and-access manager operated by Uniqkey A/S (Copenhagen; founded 2017 by Hakan Yagci, backed by Denmark's national promotional bank EIFO plus a €5.35M raise). It is fully Danish-incorporated and EU-owned, hosted entirely on Danish data centres, zero-knowledge end-to-end encryption, ISO 27001 certified, with an explicit 'no third-party data transfer' policy and a dedicated NIS2-compliance posture; gap at audit: DPA and sub-processors URLs not publicly linked; structurally strong EU sovereignty profile with those documents pending public confirmation.

CLOUD ACT
OWNERSHIP
SUB-PROCS
not disclosed
Verified signals
Jurisdiction
  • EU / adequacy hosting
  • EU / adequacy operator
  • No US CLOUD Act exposure
Transparency
  • Public DPA
  • Sub-processors disclosed
  • Open-source clients
  • Third-party certification
JUMP TO
OVERVIEW

About Uniqkey

Uniqkey is a business-focused password and access manager operated by Uniqkey A/S, headquartered in Copenhagen, Denmark. The company was founded in 2017 by Hakan Yagci, is backed by EIFO, Denmark's national export and investment fund (a state promotional bank), and has raised around €5.35M to expand across Europe. That ownership profile is unusually clean for the category: a Danish A/S with national-bank backing, no US parent, no US private equity, and no US venture capital on record.

The product splits into two parts: UniqPass (password management) and UniqAccess (access / SSO-style management), delivered through browser extensions and native apps for iOS, Android, Windows and macOS. The sovereignty story is the selling point. Uniqkey states that all data is hosted on Danish data centres with no third-party data transfer, uses zero-knowledge end-to-end encryption so Uniqkey itself cannot read customer vaults, is ISO 27001 certified, and markets a dedicated NIS2-compliance posture aimed at EU businesses that now fall under the expanded NIS2 directive. Reference customers include the Van Gogh Museum and the Danish public-sector IT supplier KMD, meaningful procurement signals for an EU-buyer audience.

For an EU-sovereignty audit the only gaps are documentation and pricing transparency. The DPA and a sub-processors list were not directly findable on the public site at audit (a B2B vendor of this type certainly provides a DPA to customers; it simply was not linked publicly), which leaves the sub-processor signal unverified pending a next-pass check. Pricing is quote-based: the site advertises "one price, complete solution" with a free trial but does not publish per-user figures, so the EUR entry point is recorded as null. Best fit: EU SMBs and public-sector buyers (especially Nordic ones) that want a business password manager with genuine in-country (Danish) hosting, ISO 27001, zero-knowledge encryption and an explicit NIS2 angle, and who are comfortable with a sales-led pricing process.

SUB-PROCESSORS

Sub-processor map · not disclosed

Vendor does not publish a sub-processors list. Schrems II compliance and CLOUD Act exposure cannot be independently verified without it.
CERTIFICATIONS

Frameworks & certifications

ISO/IEC 27001
ACTIVE
FEATURES

Capability matrix

Passkeys Yes
Autofill Yes
Breach monitoring Yes
Family sharing No
Platforms iOS macOS Windows Android
INTEGRATION & ACCESS
REST API No
SSO (SAML / OIDC) Yes
COMPLIANCE & GOVERNANCE
Audit log Yes
Self-host / on-prem option No
PRICING

Pricing & tiers

PAID
Custom pricing

Contact vendor for tier or volume pricing.

View pricing page ↗
PUBLIC DOCUMENTS

Public documents

Vendor does not publish a sub-processors list. Schrems II compliance and CLOUD Act exposure cannot be independently verified without it.
  • Data Processing Addendum (DPA)
    support.uniqkey.eu/hc…
    Open ↗
  • Sub-processors list
    — missing
    missing
  • Terms of Service
    www.uniqkey.eu/terms-of-service…
    Open ↗
ALTERNATIVES

Alternatives in this category

heylogin
Germany · Founded 2021
EU-SOVEREIGN

German passwordless zero-knowledge password manager (heylogin GmbH, Braunschweig), all-German sub-processor stack, ISO 27001:2022, no CLOUD Act exposure.

Public DPA Sub-processors Open source
FROM
€4/mo
CLOUD ACT
NONE
KeePassXC
Germany · Founded 2016
EU-SOVEREIGN

GPLv3 fully-offline desktop password manager (KeePassXC Team, Weimar DE, est. 2016): no cloud, no servers, no telemetry; structurally zero CLOUD Act exposure.

Public DPA Sub-processors Open source
FROM
CLOUD ACT
NONE
LC-Pass
Germany
EU-SOVEREIGN

German-hosted business password manager from LC by vBoxx GmbH; collections, group sharing, central management, unlimited devices; an EU-hosted 1Password / LastPass alternative.

Public DPA Sub-processors Open source
FROM
€3.99/mo
CLOUD ACT
NONE