Data Protection & Security
Full transparency about how we handle your data. Hetzner hosting in Germany, no third-country transfer of content data, no AI training, a DPA with four annexes.
Our Data Protection Principles
Own Infrastructure
All data remains on our own servers at Hetzner in Germany. No US cloud provider.
No AI Training
Audio and text data are never used to train AI models. Never.
Encryption
TLS 1.3 in transit, AES-256 for backups, bcrypt for passwords, hashed API keys.
Auto-Deletion
Configurable auto-deletion between 7 and 365 days. Permanent on request with Pro.
GDPR-Compliant
Full compliance with Art. 28 + Art. 32 GDPR. With four annexes in the DPA.
DPA in Minutes
Request online, receive a pre-filled PDF with annexes 1–4 by email.
Topics in Detail
Each area has its own page with in-depth content – written directly for data protection officers.
Our Security
Encryption, access controls, penetration tests, incident response – the complete technical and organisational measures.
Data Processing
Which data we process, for what purpose, where it is stored and when it is deleted.
Sub-Processors
Complete list of all third parties with access to data – with location, purpose and safeguards.
Your Rights
Access, rectification, erasure, data portability, objection – how you exercise your GDPR rights with us.
FAQs
Answers to the most common questions about GDPR compliance, AI training, storage location and data protection.
Data Processing Agreement (DPA)
For business customers – request conveniently by email. We send you the pre-filled contract as a countersigned PDF.