We Use Cookies

    We use cookies to enhance your browsing experience, analyze site traffic, and personalize content. By clicking "Accept All", you consent to our use of cookies. You can customize your preferences or reject non-essential cookies.

    Learn more about our cookie policy
    GDPR Art. 28 compliant

    GDPR-Compliant AI for Your Business — German Servers, No US Access

    Use AI tools lawfully — with a DPA, German servers, and zero data retention. No CLOUD Act risk, no compromises.

    🇩🇪German Servers🛡️ISO 27001GDPR Compliant🔒Zero Data Retention📞EU-Hosted Models

    What Is at Stake

    GDPR is not opt-in. Using AI tools with personal data without GDPR-compliant contracts and technical safeguards is unlawful — regardless of whether the AI itself stores data.

    Fines up to 4% of annual turnover

    Art. 83 GDPR allows fines up to €20M or 4% of global annual turnover — for violations of basic processing principles and Art. 28 (missing DPA).

    Missing DPA = immediate violation

    Using AI tools without a Data Processing Agreement violates Art. 28 GDPR directly — even if the AI itself stores no data. No DPA = no lawful use.

    US cloud risk via CLOUD Act

    US providers are subject to the CLOUD Act. US authorities can compel data access — without notifying affected European users or companies. German servers eliminate this risk.

    The GDPR Compliance Checklist for AI·Collab

    Every point is technically and contractually anchored — not just a marketing claim.

    DPA under Art. 28(3) GDPR — available as PDF in English and German
    Data storage exclusively in Germany (centron.de, ISO 27001, Hallstadt/Bamberg)
    ZDRP: API parameter data_collection: deny — AI providers contractually bound not to store or train
    EU model routing: Processing exclusively via Microsoft Azure AI Foundry, Sweden Central (EU)
    DPIA conducted · Privacy by Design & Default as development principle
    Sub-processor list in DPA (Annex 3) — fully disclosed
    Full data portability and right to erasure on request under Art. 17 GDPR
    Download AVV (German, PDF)Download DPA (English, PDF)

    What GDPR Compliance Looks Like Technically

    Layer 1: Data Storage — Always Germany

    All stored data (chats, uploads, user data) remains exclusively on German servers. centron.de, Hallstadt/Bamberg, ISO 27001 certified. Independent of any configuration — cannot be disabled.

    Layer 2: AI Inference — ZDRP-Controlled

    Prompts are transmitted with the API parameter data_collection: deny. AI providers are contractually obligated neither to store nor to use them for training. Activation at org level: Settings → Privacy.

    Layer 3: EU Model Routing

    With EU routing enabled, all prompts are processed exclusively via Microsoft Azure AI Foundry (Sweden Central, EU). No transfer to third countries. Recommended for particularly sensitive data.

    View full GDPR compliance details →Download DPA / Data Processing AgreementView all pricing plans →

    GDPR-Compliant. Ready Now.

    Start with 3,000 free credits. No US risk. No commitment.

    No credit card required · Cancel anytime