Triple safeguard
Files can be protected with an expiry date, a maximum download count, and an out-of-band code communicated over a second channel. So a forwarded link alone is not enough.
Software · in development
WILKE IT data room.
Secure file sharing with customers — GDPR-compliant, hosted on Hetzner infrastructure in Germany. Available as managed hosting or as a self-hosted package; fully white-label on request.
StatusActive development
Pilot releaseQ3 2026
HostingHetzner Falkenstein & Nuremberg
ModelsManaged · Self-hosted · Enterprise
The gap
Between e-mail attachment and enterprise data room.
If, as an IT provider, tax adviser, law firm or mid-sized business, you regularly share confidential documents, you know the problem: e-mail attachments are insecure and size-limited, international services like WeTransfer keep data outside the EU, and solutions like ShareFile or Tresorit are expensive and heavyweight. A self-hosted Nextcloud handles the data-protection angle but is overkill for pure file sharing.
With the WILKE IT data room we're building a platform aimed exactly at that gap: lean, secure, fully GDPR-compliant — and optionally sellable as a white-label product for other service providers.
What the platform does
Clear separation between provider, customers and staff.
You add a customer as a company account; that customer invites their own staff and assigns fine-grained access rights themselves.
AES-256-GCM encryption
On request, every file is stored encrypted with a customer-specific key at upload — so even hypothetical storage access does not yield anything decryptable to third parties.
Public-token mode
You generate a link plus code. The recipient enters both and downloads the file — no account, no registration. Ideal for one-off deliveries.
Security as default
Not an option — the default setting.
Mandatory two-factor authentication
Every login protected with TOTP app, passkey/WebAuthn or e-mail code. No admin bypass.
ClamAV virus scan
Uploaded files are scanned before they're made available to recipients.
Signed audit log
Every action (upload, download, share, permission change) lands in a cryptographic hash chain — tamper-resistant.
Brute-force protection
Argon2id password hashing, rate limiting, automatic account lockout — standard on every endpoint.
German data centres
Hetzner Falkenstein & Nuremberg, TLS 1.3 enforced, no data flow to third countries.
GDPR documents included
DPA contracts, privacy and imprint templates, plus a helper for the Art. 30 GDPR processing record are bundled.
Two paths
Managed by us, or self-hosted by you.
The data room comes in two models — plus an Enterprise variant for particularly large installations.
Managed hosting by WILKE IT
You get your own tenant on a domain of your choice, fully in your branding. We handle operations, updates, backups and security patches.
- Licence tiers: 5 · 15 · 50 · 100 customer accounts
- Monthly billing, no setup fee
- Updates & backups automatic
- Hosting in Germany
Self-hosted package
Docker Compose bundle from our private registry. You run the data room on your own infrastructure. Licence key plus a documented update script.
- Fully within your network
- Patient/mandated data stays on premises
- Update script & documentation included
- Optional with support contract
Enterprise variant for more than 100 customer accounts per instance: self-hosted only, with individual SLA, on quote.
White-label
Fully under your brand.
Each tenant manages their own logo, primary and accent colours, font, and a dedicated e-mail sender (with DKIM signing) in the admin UI — no redeployment needed. For self-hosted customers, the solution starts without any WILKE IT branding.
Technology
Conservative stack, deliberately chosen.
Few moving parts, long half-life, no JavaScript heavyweight on the frontend.
Django 5.1PostgreSQL 16HTMXCelery + RedisHetzner Object StorageCaddy 2Docker
Secure file sharing without enterprise baggage.
We help you pick the right variant for your use case — managed or self-hosted.