Optimaite is hosted in the EU, GDPR-compliant, and protects your data with industry-leading security measures. Transparency matters to us.
Our platform meets the strict requirements of European data protection and security standards.
Full compliance with the European General Data Protection Regulation. DPA, TOMs, and subprocessor registry available.
All application data is exclusively processed and stored in the EU. Infrastructure at Hetzner Cloud in Germany.
Your data is never used to train AI models. AI processing takes place in EU data centres via Microsoft Azure AI Foundry (Germany), AWS Bedrock (Frankfurt) and Google Vertex AI (EU) with zero-retention agreements; third-country involvement is safeguarded by adequacy decisions or EU Standard Contractual Clauses.
Technical and organizational measures to protect your data.
How your data flows through our platform and where it is processed.
User accounts & authentication
Document processing, AI analysis
AI assistance & communication
Security logging & error diagnostics
Hetzner Cloud
Infrastructure & storage · Germany
Zilliz Cloud
Vector database (embeddings) · EU (Frankfurt)
Azure AI
AI provider (GPT, Gemini) · EU (Germany)
AWS Bedrock
AI provider (Claude) · EU (Frankfurt)
Vercel
Website hosting · EU regions
Sentry
Error monitoring · EU
All relevant documents for your compliance review.
General terms and conditions for the use of the Optimaite platform.
Read ToSData processing agreement pursuant to Art. 28 GDPR including TOMs.
Read DPAInformation on the handling of personal data.
Read privacy policyNotice about AI outputs, human review, model limits, and data processing.
Read AI noticeTerms for time-limited trial, demo, and pilot access.
Read termsComplete list of all subprocessors used.
View listTechnical and organizational measures (TOMs).
View detailsInformation pursuant to § 5 DDG and legal information.
Read legal noticeAll application data is processed and stored exclusively in Germany (Hetzner Cloud, Falkenstein/Nürnberg) in EU data centres. AI processing takes place via EU-based services (Microsoft Azure AI Foundry – Germany, AWS Bedrock – Frankfurt, Google Vertex AI – EU); any third-country involvement is safeguarded by adequacy decisions or EU Standard Contractual Clauses.
No. We operate AI models through EU-based services (Microsoft Azure AI Foundry in Germany, AWS Bedrock in Frankfurt, Google Vertex AI in the EU) with explicit zero-retention and zero-training agreements. Customer data is processed in EU data centres in regular cloud operation and discarded immediately after processing; any third-country involvement is safeguarded by adequacy decisions or EU Standard Contractual Clauses.
Yes. Our DPA pursuant to Art. 28 GDPR is available as part of our terms of service and includes the technical and organizational measures (TOMs) as well as the complete subprocessor registry.
Optimaite implements a strict multi-tenant architecture with isolation at the database level. Every tenant query is automatically filtered, preventing unauthorized access to other tenants' data.
Our team is happy to assist you with security questions, DPA requests, and compliance reviews.