Trust Center
How we keep your data safe, which AI models we use, and our commitments to privacy and compliance.
At a Glance
AI Models We Use
Your inputs are processed by best-in-class AI models. We never store prompts beyond the 90-day window, and your data is never used to train any model.
| Provider | Model | Used For | Data Retention |
|---|---|---|---|
| OpenAI | GPT-4o-mini | Primary text generation — free & Pro | Not retained for training; 30-day API policy |
| Gemini 2.5 Flash | Text generation + vision/image analysis | 30 days (Google policy) | |
| Imagen 4 | Image generation | 30 days (Google policy) | |
| Self-hosted (Hetzner, EU) | Open-weights LLM | Chatbot + fallback inference | Not stored |
Data Handling
- AI output logs auto-deleted after 90 days
- Passwords hashed with bcrypt (WordPress standard)
- No selling of personal data to third parties
- Email used only for account & billing
- Cookie consent required (EU visitors)
- Export or delete your data anytime via /account/
Infrastructure & Uptime
- Hosted on Hetzner (Germany, EU) — GDPR-compliant infrastructure
- Cloudflare CDN & DDoS protection — 300+ PoPs globally
- Cloudflare Web Application Firewall with custom rule set
- Off-site daily database + media backups (Cloudflare R2)
- TLS 1.3 on all endpoints (HSTS + auto-renewing certificates)
- 99.9% uptime target — see /status/ for current incidents
Compliance
- GDPR (EU 2016/679)
- Czech Data Protection Act (PDPA)
- Stripe PCI DSS Level 1 (payment processing)
- Cookie consent banner (EPRIVACY/PECR)
- Terms of Service: /terms-of-service/
- Privacy Policy: /privacy-policy/
Security Practices
- Rate limiting on all API endpoints (5 req/min/IP)
- Nonce validation on all forms & AJAX calls
- XSS protection via WordPress escaping functions
- SQL injection prevented by $wpdb::prepare()
- Responsible disclosure: [email protected]
Questions about data privacy, security, or compliance? We respond within 24 hours.
Contact Us