How we use your data

Data Storage and Location

All your data is stored in Frankfurt, Germany, ensuring compliance with European data protection standards. We maintain strict control over data residency and never transfer your data outside of our designated secure infrastructure.

Security Measures

Encryption

• All data is encrypted at rest (in storage)

• All data transfers are encrypted in transit

• End-to-end encryption for sensitive communications

CASA Tier 2 Verification

We are CASA (Cloud Application Security Assessment) Tier 2 Verified, which is Google's security standard for cloud applications. This verification means:

• Regular security assessments

• Compliance with Google's security requirements

• Implementation of industry best practices

• Regular security audits and updates

AI Processing

Our Models

We use our own AI models for certain processing tasks, which are hosted within our secure infrastructure in Frankfurt.

OpenAI Integration

For enhanced AI capabilities, we also utilize OpenAI's models. OpenAI is GDPR compliant and maintains high security standards. When using OpenAI:

• Data is processed according to GDPR requirements

• OpenAI maintains strict data protection measures

• We have a Data Processing Agreement (DPA) in place with OpenAI

• Data is only used for the specific purpose of providing our service

Data Access Controls

We implement strict access controls to ensure your data is only accessible to authorized personnel and systems:

• Role-based access control

• Regular access audits

• Minimal access principle

• Secure authentication requirements

Compliance

We maintain compliance with:

• GDPR (General Data Protection Regulation)

• European data protection standards

• Industry security best practices

• Regular security assessments and updates