diff --git a/conf/nginx-server-default.template.conf b/conf/nginx-server-default.template.conf
index 3a9b804191..6407221bbf 100644
--- a/conf/nginx-server-default.template.conf
+++ b/conf/nginx-server-default.template.conf
@@ -2,10 +2,10 @@ server {
 # Add strict csp header config
 add_header Content-Security-Policy "default-src 'none';
- connect-src 'self' https://data.amsterdam.nl https://api.data.amsterdam.nl https://analytics.data.amsterdam.nl https://api.usabilla.com https://sentry.data.amsterdam.nl;
+ connect-src 'self' https://data.amsterdam.nl https://api.data.amsterdam.nl https://analytics.data.amsterdam.nl https://api.usabilla.com https://sentry.data.amsterdam.nl https://acc.data.amsterdam.nl;
 script-src 'self' https://analytics.data.amsterdam.nl https://*.usabilla.com http://*.usabilla.com 'unsafe-inline' 'unsafe-eval';
 img-src 'self' https://analytics.data.amsterdam.nl https://d6tizftlrpuof.cloudfront.net https://*.usabilla.com data:;
- frame-src 'self' https://analytics.data.amsterdam.nl https://data.amsterdam.nl;
+ frame-src 'self' https://analytics.data.amsterdam.nl https://data.amsterdam.nl https://acc.data.amsterdam.nl;
 style-src 'self' https://fast.fonts.net https://d6tizftlrpuof.cloudfront.net 'unsafe-inline';
 font-src 'self' https://d6tizftlrpuof.cloudfront.net;
 manifest-src 'self';
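Review bot: The acceptance origin `https://acc.data.amsterdam.nl` is hard-coded into both `connect-src` and `frame-src` of the default server template, so if production is rendered from this same file, production pages will also be permitted to call and frame the acceptance environment. If the template is rendered with per-environment variables, the extra origin is better supplied that way (placeholder form: `connect-src 'self' … <ENV_EXTRA_ORIGIN>;`) so the production policy stays unchanged. Failing that, record the intent next to the existing comment, e.g. `# acc.data.amsterdam.nl is only needed on acceptance; remove it from production builds`. The `add_header` value and the enclosing `server` block both extend beyond this hunk, so directives not shown here were not reviewed.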