Last updated: 2026-06-10. This page is a public summary; the binding details live in our Data Processing Agreement and Terms.
Our promise in one paragraph
We run LLM inference on EU-located GPUs by default. Your prompts and responses are never used to train models, never logged in cleartext by default, and traffic is encrypted in transit. We sign Data Processing Agreements as a GDPR sub-processor, our sub-processor list is public, and you can compel deletion of your data at any time.
1. Data handling
What we process
- Inference traffic: prompts you send and responses generated. Streamed end-to-end; not persisted unless you turn on transcripting yourself.
- Account & usage metadata: user identity, API-key fingerprint, model name, token counts, latency, IP address, jurisdiction of serving GPU, timestamps. Used for billing, audit, abuse prevention.
- Knowledge base content (only if you upload it): documents you provide for RAG. Stored encrypted at rest, only used to answer your own queries.
What we do NOT do
- We do not train any model on your prompts, responses, knowledge base, or any other data you send us. This is contractually committed in the DPA.
- We do not log prompt or response content by default. If you enable transcripting on your own conversations, that is your choice and your storage.
- We do not sell, share, or rent customer data to third parties beyond our published sub-processors.
2. Encryption
- In transit: TLS 1.3 end-to-end (client → router → GPU instance).
- At rest: application databases and secrets are encrypted; provider-native disk encryption is used where available. Dedicated deployments can add stronger at-rest controls under contract.
- In use (single-tenant tier): customer-managed encryption keys (BYOK) are part of the Single-Tenant Encrypted tier. Confidential computing (TEE / encrypted VRAM) is on our roadmap, gated on EU GPU provider availability.
3. Where your data is processed
By default, inference runs on EU-region GPUs (currently Vast.ai EU machines for the EU Hosted beta). This means EU-located processing, not yet a fully EU-sovereign provider chain. Sovereignty Mode is sold only when a verified EU-sovereign provider path, sub-processor chain, audit export, and support-access controls are active for the customer. The default region is set per API key and overridable per request.
4. Logging & retention
| What | Logged? | Retention (default) | Configurable? |
|---|---|---|---|
| Prompt content | No (by default) | 0 days | Yes (opt-in transcripting) |
| Response content | No (by default) | 0 days | Yes (opt-in transcripting) |
| Request metadata (model, tokens, latency, IP, jurisdiction) | Yes | 90 days | 30–365 days per contract |
| Audit log (key creation, deletions, admin actions) | Yes (append-only) | 365 days | Per contract |
| Knowledge base documents | Yes (encrypted, you upload them) | Until you delete | Owner-controlled |
5. Your rights — deletion & export
- Deletion: you can revoke API keys, delete instances, delete knowledge bases, delete conversations and your account at any time from the dashboard or via the Management API. Hard-delete propagates to backups within 30 days.
- Right to compel deletion: under the DPA, you can require deletion of all your processed data within 14 days of written request, except where retention is legally required (e.g. invoicing under Dutch tax law).
- Data export: usage records, conversations, and knowledge base content are exportable via the Management API or dashboard.
6. Sub-processors
The current list of sub-processors is published at /legal/subprocessors. We notify customers in advance of any sub-processor change and offer the right to object.
7. Isolation
- Shared pool (default): GPU instances are shared across customers but each request is routed to a separately authenticated, separately accounted execution context. Routing layer is shared.
- Single-tenant encrypted tier: dedicated GPU instance(s) per customer, customer-isolated network policy, optional BYOK. Routing layer remains shared but never cross-routes a single-tenant key.
8. Authentication & access control
- Customer auth: Laravel Sanctum personal access tokens (long-lived) for API use; OAuth/password + optional Google SSO for web. Tokens are hashed before storage.
- Internal access: minimum staff with auditable shell access. No staff has read access to prompt content.
- All admin-side changes appear in the audit log with actor, timestamp, IP.
9. Incident response
- Breach notification to affected customers within 72 hours of confirmed personal-data incident (GDPR Art. 33–34).
- Status communication on /status and via email to the customer billing contact.
- Security issues: security@hostyourai.com (PGP key on request).
10. Certifications & roadmap
- ISO 27001: trajectory started, target certification within 12 months.
- NEN 7510: prioritised once we have a healthcare anchor customer.
- BIO: prioritised for Dutch government engagements.
- Pen-testing: annual third-party penetration test; summary reports available under NDA.
We will not falsely claim certifications we do not yet hold. If a certification is required for procurement, please ask — we can share our current state, the audit timeline, and compensating controls.
11. The DPA
Our standard Data Processing Agreement covers all of the above contractually. We will sign customer-supplied DPAs that materially match it; bespoke negotiations are welcome for enterprise contracts.
Get in touch
For security or compliance questions, contact security@hostyourai.com. For commercial questions including partner tiers, sub-processor approvals, or custom DPA terms, /contact.