Our data protection guarantee

We explain how we use strict technical and organizational measures to protect your data and fully comply with the GDPR.

Our Guarantees at a Glance

Strict GDPR compliance:
Your data, your rights. All of our data processing procedures are fully compliant with the European General Data Protection Regulation (GDPR), one of the strictest data protection laws in the world.

Server location in Germany:
Your digital home is secure. Your core data—that is, the entire software and database infrastructure—is hosted exclusively on certified servers in Frankfurt am Main, Germany.

Military-grade encryption:
We’ve built a digital fortress around your data.

  • Data Transmission (TLS): As soon as you enter anything, the connection between your device and our servers is protected by strong Transport Layer Security (TLS) encryption. Think of it as a tap-proof tunnel.

  • Data storage (AES-256): We store your data using the Advanced Encryption Standard 256-bit (AES-256). This standard is also used by the military and for state secrets and is considered virtually unbreakable.

  • Database Isolation (RLS): Even within our database, your data is strictly separated from others through Row-Level Security (RLS). For you, this means: Each workspace is like its own sealed vault. No other user can ever access your data or chats, even if they use the same database.

Full Control Over AI Models & Hosting:
You’re in the driver’s seat. As the administrator of your workspace, you decide with a single click which AI models are available to your team. You have full transparency and the choice between different hosting options for individual models to meet your compliance requirements.

Our available AI models are categorized into 3 tiers:

  • EU Hosting / EU Processing: The model is hosted and processed exclusively within the EU.

  • EU Hosting / Global Processing: The model is hosted in the EU, but processing may take place globally during periods of high load to ensure performance.

  • Global Hosting / Global Processing: The model is hosted and processed outside the EU, giving you access to a wider range of models.

Zero-Retention Policy & Purpose Limitation:
Your data belongs to you. Always.

  • No Training with Your Data: We have a strict zero-retention policy. This means that none of your inputs or the content generated by the AI will ever be used to train third-party models. What happens in your workspace stays in your workspace. More about the zero retention policy

  • No Data Sales: Under no circumstances will we sell your personal data to third parties or share it for third-party advertising purposes.

  • Transparent Partners: For our infrastructure (e.g., AWS, Azure, Google Cloud), we only work with established providers. All are bound by strict data processing agreements (DPAs) to our high data protection standards.

If you have any questions about data protection, please feel free to email us at support@innogpt.de