EU-only data residency. GDPR by architecture. ISO 27001, SOC 2 Type II, TISAX, and BSI C5 attestation in progress — not certified yet. Security is how we build, not how we patch.
Your data stays in Europe.
All processing — database, storage, AI inference, backups — happens within the EU. Primary data center: Frankfurt. No transfer to non-EU countries. Ever.
Encrypted everywhere.
TLS 1.3 in transit. AES-256 at rest. Service-to-service traffic over mTLS. Customer-supplied (BYOK) keys are wrapped with per-customer encryption keys held in a hardware-backed KMS.
Tenant isolation at the database layer.
Row-level security policies enforce workspace separation in Postgres itself, not just the application. Cross-tenant access is technically impossible, not just policy-prohibited.
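As an added illustration (not Laavod's own schema or code; the table, column and role names are hypothetical), this is the shape of a Postgres row-level-security setup that enforces workspace separation inside the database, keyed on a per-request session setting:

```sql
-- Hypothetical tenant-scoped table; names are constructed for this example.
CREATE TABLE documents (
    id           uuid PRIMARY KEY,
    workspace_id uuid NOT NULL,
    title        text NOT NULL,
    body         text
);

-- Role the application connects as. It must not own the table and must not
-- have BYPASSRLS, otherwise the policies below are silently skipped.
CREATE ROLE app_user NOLOGIN NOBYPASSRLS;
GRANT SELECT, INSERT, UPDATE, DELETE ON documents TO app_user;

-- Enable RLS and FORCE it so even the table owner is subject to the policies
-- (superusers always bypass RLS, so the app must never run as one).
ALTER TABLE documents ENABLE ROW LEVEL SECURITY;
ALTER TABLE documents FORCE ROW LEVEL SECURITY;

-- The current tenant is carried in a session variable set once per request.
-- current_setting(..., true) returns NULL when unset, and NULL = x is never
-- true, so a request with no tenant context sees and writes no rows.
CREATE POLICY workspace_isolation ON documents
    FOR ALL
    TO app_user
    USING      (workspace_id = current_setting('app.workspace_id', true)::uuid)
    WITH CHECK (workspace_id = current_setting('app.workspace_id', true)::uuid);

-- Defender's check: confirm the app role cannot bypass RLS and RLS is forced.
SELECT rolname, rolbypassrls FROM pg_roles WHERE rolname = 'app_user';
SELECT relname, relrowsecurity, relforcerowsecurity
FROM pg_class WHERE relname = 'documents';

-- Per-request usage: SET LOCAL scopes the tenant to this transaction only,
-- so a pooled connection cannot leak the value into the next request.
BEGIN;
SET LOCAL app.workspace_id = '11111111-1111-1111-1111-111111111111';  -- constructed
SELECT id, title FROM documents;   -- returns only this workspace's rows
COMMIT;

-- A write tagged with another workspace id is rejected by WITH CHECK,
-- regardless of what the application layer intended.
BEGIN;
SET LOCAL app.workspace_id = '11111111-1111-1111-1111-111111111111';
INSERT INTO documents (id, workspace_id, title)
VALUES (gen_random_uuid(), '22222222-2222-2222-2222-222222222222', 'x');
-- ERROR: new row violates row-level security policy for table "documents"
ROLLBACK;
```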
We never train on your data.
Your conversations, prompts, and knowledge bases stay yours. Default: AI providers do not retain or train on Laavod traffic. You can verify this in your account settings.
Primary database, object storage, AI inference, and backups all run in the European Union, with Frankfurt as the primary region. Backups are geo-redundant within EU regions only. AI model inference routes through EU-resident endpoints, even for US-based providers like OpenAI and Anthropic.
Your data does not leave the European Union. This is enforced through geographic routing controls, not just policy.
Every request is authenticated and authorized at multiple layers. Multi-factor authentication is available to all users and enforceable as a workspace policy. Passwords are stored only as salted bcrypt hashes. Session tokens are cryptographically signed and short-lived.
Enterprise customers get SSO via SAML 2.0 and OAuth 2.0 / OIDC with major identity providers (Microsoft Entra ID, Okta, Google Workspace, Auth0, PingIdentity, JumpCloud). SCIM 2.0 handles automated user provisioning and deprovisioning. IP allowlisting restricts access to approved networks.
Supporting facts
Brute-force protection: server-side rate limiting, exponential lockout, IP anomaly detection, CAPTCHA escalation, automatic account lockout with admin-configurable thresholds.
Every authentication event is written to the immutable audit log in real time.
Sign-ins, failed sign-in attempts, MFA changes, role and permission changes, administrative API access, data exports, integration activations, AI model switches, security configuration changes — all written to an immutable audit log.
Admins can view and export logs (CSV, JSON). Enterprise customers can stream logs in real time to their SIEM (Splunk, Sentinel, Datadog, or similar).
Laavod is built for AI work, which means we treat AI-specific risks as first-class concerns, not afterthoughts.
Enterprise documentation package. Enterprise customers receive the full compliance package under NDA: architecture documentation, penetration test reports, subprocessor list, custom DPA, BCM and DR plans, and the BSI Grundschutz response.
A public DPA is also available.
Daily encrypted backups of the entire database with point-in-time recovery and customer-configurable retention (standard: 30 days, Enterprise: up to 12 months). Geo-redundant within the EU.
Self-service export anytime in open formats (CSV, JSON, SQL dump, original files). Your data is portable and usable independently of the platform.
Cloud exit process. Defined notification period, named contact persons, phased data handover in open formats, written deletion confirmation after data destruction.
At contract end. Complete and irreversible deletion of all customer data — including backups, replicas, and log files — within 90 days. Written confirmation issued by Laavod GmbH.
99.9% uptime SLA on Enterprise, with service credits for any breach.
Quarterly external penetration tests by independent third parties.
Vulnerability remediation SLA: Critical within 24 hours. High within 7 days. Medium within 30 days.
Incident response: 72-hour notification per GDPR Art. 33 for reportable incidents.
Status page at status.laavod.com with continuous availability measurement.
If you find a security issue, report it responsibly to security@laavod.com.
We acknowledge valid reports within 24 hours and remediate aligned with our published SLA (critical fixes targeted within 24 hours). Responsible disclosures are publicly credited with your permission.
Security is how Laavod is built. Not how it gets patched.