Trust Center

AI Models We Use

Your inputs are processed by best-in-class AI models. We never store prompts beyond the 90-day window, and your data is never used to train any model.

Data Handling

• AI output logs auto-deleted after 90 days
• Passwords hashed with bcrypt (WordPress standard)
• No selling of personal data to third parties
• Email used only for account & billing
• Cookie consent required (EU visitors)
• Export or delete your data anytime via /account/

Infrastructure & Uptime

• Hosted on Hetzner (Germany, EU) — GDPR-compliant infrastructure
• Cloudflare CDN & DDoS protection — 300+ PoPs globally
• Cloudflare Web Application Firewall with custom rule set
• Off-site daily database + media backups (Cloudflare R2)
• TLS 1.3 on all endpoints (HSTS + auto-renewing certificates)
• 99.9% uptime target — see /status/ for current incidents

Compliance

• GDPR (EU 2016/679)
• Czech Data Protection Act (PDPA)
• Stripe PCI DSS Level 1 (payment processing)
• Cookie consent banner (EPRIVACY/PECR)
• Terms of Service: /terms-of-service/
• Privacy Policy: /privacy-policy/

Security Practices

• Rate limiting on all API endpoints (5 req/min/IP)
• Nonce validation on all forms & AJAX calls
• XSS protection via WordPress escaping functions
• SQL injection prevented by $wpdb::prepare()
• Responsible disclosure: [email protected]