Trust Center

Security & Compliance

Transparency matters to us. Here you'll find all the facts about server location, data protection, AI usage, and encryption — without marketing speak.

EU Hosting

Frankfurt, Germany

GDPR Compliant

Based in Germany

No AI Training

Your data stays yours

Server Location & Hosting

  • All data is hosted exclusively on servers in the EU (AWS data center in Frankfurt am Main, Germany).
  • The database is based on PostgreSQL with strict tenant isolation through Row-Level Security (RLS) — no user can access another user's data.
  • There is no shared data pool: Each company works in a completely isolated environment.

AI & Data Processing

  • Procurio uses AI models from Google (Gemini) and OpenAI (GPT-4o-mini) via their API interfaces — not through consumer products (ChatGPT, Gemini App).
  • Your data is not used for training AI models. Both Google and OpenAI guarantee in their API terms of use that API data is not used for model training.
  • Data is only processed for the duration of the respective request and is not permanently stored by the AI providers.
  • All AI requests are processed server-side through our backend functions in the EU — your browser never communicates directly with the AI providers.

Data Separation & Access Control

  • Strict tenant isolation at the database level: Every query is automatically restricted to the authenticated user.
  • Authentication with email verification — no anonymous access to project data possible.
  • Role-based access control within projects (Owner, Admin, Editor, Viewer).
  • Team members are added by invitation and can only access the projects they have been invited to.

Encryption

  • All connections are TLS/HTTPS encrypted — both between your browser and our servers and between our servers and the AI providers.
  • Data is encrypted at rest (in the database and file storage) according to AWS standard (AES-256).
  • Authentication tokens are securely managed and automatically rotated.

GDPR Compliance

  • The data controller is based in Germany (Planegg near Munich).
  • You have the right to information, rectification, deletion, and data portability at any time in accordance with Art. 15–20 GDPR.
  • Upon request, we will delete all your data completely and irreversibly.
  • Detailed information can be found in our privacy policy.
Go to Privacy Policy →

Frequently Asked Questions

Still have security questions?

Contact us directly — we'll answer your compliance questions personally.