🔐

Trust Center

How we keep your data safe, which AI models we use, and our commitments to privacy and compliance.

At a Glance

✓ GDPR Compliant
✓ No training on your data
✓ Data deleted after 90 days
✓ SSL / TLS everywhere
✓ Stripe-secured payments
⏱ 99.9% uptime target
🤖

AI Models We Use

Your inputs are processed by best-in-class AI models. We never store prompts beyond the 90-day window, and your data is never used to train any model.

| Provider | Model | Used For | Data Retention |
|---|---|---|---|
| OpenAI | GPT-4o-mini | Primary text generation — free & Pro | Not retained for training; 30-day API policy |
| Google | Gemini 2.5 Flash | Text generation + vision/image analysis | 30 days (Google policy) |
| Google | Imagen 4 | Image generation | 30 days (Google policy) |
| Self-hosted (Hetzner, EU) | Open-weights LLM | Chatbot + fallback inference | Not stored |
🗄️

Data Handling

  • AI output logs auto-deleted after 90 days
  • Passwords hashed with bcrypt (WordPress standard)
  • No selling of personal data to third parties
  • Email used only for account & billing
  • Cookie consent required (EU visitors)
  • Export or delete your data anytime via /account/

Infrastructure & Uptime

  • Hosted on Hetzner (Germany, EU) — GDPR-compliant infrastructure
  • Cloudflare CDN & DDoS protection — 300+ PoPs globally
  • Cloudflare Web Application Firewall with custom rule set
  • Off-site daily database + media backups (Cloudflare R2)
  • TLS 1.3 on all endpoints (HSTS + auto-renewing certificates)
  • 99.9% uptime target — see /status/ for current incidents
📋

Compliance

  • GDPR (EU 2016/679)
  • Czech Data Protection Act (PDPA)
  • Stripe PCI DSS Level 1 (payment processing)
  • Cookie consent banner (ePrivacy/PECR)
  • Terms of Service: /terms-of-service/
  • Privacy Policy: /privacy-policy/
🔒

Security Practices

  • Rate limiting on all API endpoints (5 req/min/IP)
  • Nonce validation on all forms & AJAX calls
  • XSS protection via WordPress escaping functions
  • SQL injection prevented by $wpdb->prepare()
  • Responsible disclosure: [email protected]

Questions about data privacy, security, or compliance? We respond within 24 hours.

Contact Us