fiskaly SAFE
Introduction
Section titled “Introduction”fiskaly SAFE is a cloud-based archiving solution designed to store fiscal data in compliance with applicable tax and commercial laws. The service ensures unalterability, order, completeness, and traceability of archived records. fiskaly SAFE is offered in two product options: SAFE (integrated with fiskaly services for fiscalization and e-invoicing via the fiskaly HUB) and SAFE flex (a standalone API for direct system integration). Both options are JSON-based RESTful SaaS solutions, with data archived in certified Google Cloud data centers in Germany.
Service Description
Section titled “Service Description”SAFE (HUB-integrated)
Section titled “SAFE (HUB-integrated)”- Directly integrated into the fiskaly HUB, where fiscalization and e-invoice customers can activate or deactivate archiving.
- Automatically archives data from connected SIGN, E-INVOICE and/or DSFinV-K services based on the frequency set by the Customer.
- Supports archiving and export of: TSS export (tar) files (SIGN DE), DSFinV-K files, DEP7 files (SIGN AT), XML files (SIGN IT, SIGN FR, E-INVOICE).
- Search and export of archived data via HUB UI or API.
SAFE flex (API-based)
Section titled “SAFE flex (API-based)”- Provides a standalone API for direct system integration.
- Supports upload of fiscal data exports from certified technical security devices, structured POS transaction data, and procedural documentation (XML, JSON, CSV, PDF, ZIP, HTML).
- Search and export of all archived data via API.
- Supports compliant archival for jurisdictions including Austria, Spain, Italy, Croatia, Liechtenstein, Slovakia, Switzerland, Slovenia, Hungary, France, and others.
Both options
Section titled “Both options”- Audit-secure archive with cryptographic hash chaining of audit logs (OwnedBy, LogNumber, Operation, Timestamp, PreviousHash, CurrentHash, HashAlgorithm, AuditEvent, UserIdentifier).
- Deletion or modification of stored data (artifacts or metadata) is not possible; changes are documented via new independent files.
- Customer-defined retention periods; proof of audit-proof archiving up to 10 years.
- Maximum file size per export: 10 MB.
- Designed for high availability (RPO max 5 seconds, RTO max 24 hours).
fiskaly’s scope of services does not include: integration into recording systems; development of individual solutions or adaptations; training services; provision of internal documentation (except public integration instructions and API descriptions via workspace.fiskaly.com); data transfer services between the API and the END CUSTOMER’s IT systems at SAFE flex; support and assistance services not expressly specified in the contract; or other products of fiskaly.
Functionalities
Section titled “Functionalities”- Compliant data archiving: Archival in accordance with principles of unalterability, order, completeness, and traceability.
- Audit logs: Every operation is logged with independent audit trails per organizational unit, chained via cryptographic hashes.
- Search: Archived data can be searched by multiple criteria based on annotations (created_at, retention_period_days, start_date, end_date, client_id, tse_id, etc.).
- Export: Selected data can be exported as ZIP/TAR files for analysis, reporting, or regulatory submissions, in standardized formats compatible with country-specific tools.
- Annotations: Customers configure annotations via API for file categorization and retrieval; the system validates transferred data against annotation schemas if set.
- Duplicate detection: Mechanisms to detect and prevent re-upload of duplicate files.
- No content validation: fiskaly does not validate the content, structure, compliance, completeness, or correctness of imported files, annotations, or metadata.
System Requirements
Section titled “System Requirements”- A valid contractual relationship with fiskaly.
- An internet connection.
- For SAFE: Configured fiskaly service for fiscalization (SIGN, DSFINVK) and/or e-invoicing (E-INVOICE); access to the fiskaly HUB.
- For SAFE flex: Integration of the SAFE API into the POS system; API key and authentication via the provided endpoint.
- API documentation and integration guides are available at workspace.fiskaly.com; Postman Quick-Start collections are also available.
Maintenance and Support
Section titled “Maintenance and Support”fiskaly is committed to maintaining and updating the SAFE service. fiskaly undertakes to maintain and update the Service with a view to supporting its security, availability, and ongoing alignment with applicable technical and reporting requirements; however, the Customer remains responsible for implementing required updates, migrations, and integration changes on its side. The service is versioned according to semantic versioning; significant changes resulting in new major releases will be documented. Maintenance activities may result in the temporary outage of the service. As far as possible, these activities shall be announced at least two (2) weeks in advance; emergency maintenance activities may deviate from this. fiskaly provides assistance to customers via the fiskaly support portal (support.fiskaly.com).
Testing
Section titled “Testing”fiskaly provides a TEST environment for both SAFE and SAFE flex. The TEST environment is fully functional with the same properties as the LIVE system. New versions are available in the TEST environment before LIVE release. fiskaly is not responsible if real data is used in the TEST environment.
Service Limitations
Section titled “Service Limitations”- fiskaly does not provide any semantic validation of archived data; completeness, correctness, and regulatory compliance are the sole responsibility of the Customer.
- fiskaly does not validate annotations, metadata, or field selections made by the Customer.
- Maximum file size per export file is 10 MB; larger files are automatically rejected.
- To maintain consistent quality across the multi-tenant platform, this service enforces per-tenant throughput limits, by default: up to 10 requests per second. If these limits are exceeded, requests may be throttled (HTTP 429).
- Changes in applicable laws may introduce breaking changes requiring new major releases; customers must integrate these as soon as available.
- fiskaly aims to limit major releases to at most one per year, but time-critical regulatory changes may require more frequent updates.
Customer Obligations
Section titled “Customer Obligations”- Responsible for activation/deactivation and configuration of the service via the HUB.
- Must configure fiskaly services for fiscalization (SIGN, DSFINVK) and/or e-invoicing (E-INVOICE) correctly.
- Must transmit all required tax-relevant data in the specified format and schema.
- Must retrieve, retain, and submit exports to competent tax authorities upon request.
SAFE flex
Section titled “SAFE flex”- Responsible for exporting data from the relevant fiscal API and uploading it to SAFE flex with correct annotations.
- Must define the right granularity of exported data (e.g., one export per TSS and day).
- Must configure annotations in accordance with applicable legal requirements (no validation by fiskaly).
- Must upload all relevant files with correct annotations.
- Must properly integrate the SAFE API into the POS system and ensure timely and continuous transmission.
- Must retrieve, retain, and submit exports to competent tax authorities upon request.
Version: v.1 | Last updated: 2026/03/24
Was this page helpful?