Security

Data residency and isolation

Your data stays inside the EU, separated per client, behind a reviewed network edge.

data regionEU onlyedgeWAF + TLS

Security

Where your data lives

Everything runs on EU-based cloud infrastructure (currently OVH and Netcup, with Hetzner and other EU providers available), with Cloudflare in front for TLS, WAF, and bot mitigation. No data or inference leaves the EU perimeter by design.

Read the data-storage clause in the full policy

Per-client isolation

Each client's data sits in its own lane. A request in one tenant cannot read or cross into another. The boundary is enforced, not assumed.

Network and platform posture

We ship a hash-based Content Security Policy and Trusted Types, so no inline or third-party script runs that we did not sign for. Cloudflare handles edge filtering and rate limiting.

See the full sub-processor list→

See the Cloudflare and storage clauses

Security

Data residency and isolation

Your data stays inside the EU, separated per client, behind a reviewed network edge.

data regionEU onlyedgeWAF + TLS

Security

Where your data lives

Read the data-storage clause in the full policy

Per-client isolation

Each client's data sits in its own lane. A request in one tenant cannot read or cross into another. The boundary is enforced, not assumed.

Network and platform posture

We ship a hash-based Content Security Policy and Trusted Types, so no inline or third-party script runs that we did not sign for. Cloudflare handles edge filtering and rate limiting.

See the full sub-processor list→

See the Cloudflare and storage clauses