Data Handling
Data Storage and Location
All your data is stored in Frankfurt, Germany, ensuring compliance with European data protection standards. We maintain strict control over data residency and never transfer your data outside of our designated secure infrastructure.
Security Measures
Encryption
- All data is encrypted at rest (in storage)
- All data transfers are encrypted in transit
- End-to-end encryption for sensitive communications
CASA Tier 2 Verification
We are CASA (Cloud Application Security Assessment) Tier 2 Verified, which is Google's security standard for cloud applications. This verification means:
- Regular security assessments
- Compliance with Google's security requirements
- Implementation of industry best practices
- Regular security audits and updates
AI Processing
Our Models
We use our own AI models for certain processing tasks, which are hosted within our secure infrastructure in Frankfurt.
OpenAI Integration
For enhanced AI capabilities, we also utilize OpenAI's models. OpenAI is GDPR compliant and maintains high security standards. When using OpenAI:
- Data is processed according to GDPR requirements
- OpenAI maintains strict data protection measures
- We have a Data Processing Agreement (DPA) in place with OpenAI
- Data is only used for the specific purpose of providing our service
Data Access Controls
We implement strict access controls to ensure your data is only accessible to authorized personnel and systems:
- Role-based access control
- Regular access audits
- Minimal access principle
- Secure authentication requirements
Compliance
We maintain compliance with:
- GDPR (General Data Protection Regulation)
- European data protection standards
- Industry security best practices
- Regular security assessments and updates