Security & Privacy

Provider by provider, this is who handles your data:

• Mistral AI (France)AI language model, embeddings, and voice transcription
• Hetzner (Germany)Servers, database (PostgreSQL / pgvector), and file storage
• Black Forest Labs (Germany)AI image generation
• Brave Search (US)Web search for current information — query text only, stripped of every identifier (no account data, no IP address), sent from our EU servers

No analytics, no tracking pixels, no fingerprinting, and no third-party advertising.

These companies process personal data on our behalf to deliver the service. We have a data processing agreement with each one imposing equivalent GDPR obligations.

Brave Search (US) receives the search query text only — composed by the AI and sent from our servers with no user identifiers or IP address attached. OpenStreetMap, Open-Meteo, Wikipedia, and Frankfurter.dev receive only non-personal query parameters. Google, Microsoft, and Apple act as independent controllers when you sign in with them — as does Apple for App Store purchases — and are not our sub-processors.

Read our pre-signed Data Processing Agreement online, or download it as a PDF to share with your legal team. No account required.

We are not required to appoint a Data Protection Officer under Article 37 GDPR, but we treat data-protection enquiries as a first priority. For DPA counter-signing, sub-processor questions, or any GDPR request, contact: