GDPR Compliance
Open is built for European data protection standards. Your data stays in Europe, encrypted and secure.
Where Your Data Lives
Infrastructure - Frankfurt
Our primary cloud infrastructure and data storage is hosted in Frankfurt, Germany. All customer data, conversations, and analytics remain within EU borders.
AI Models - Sweden
Our AI language models are deployed and run from Sweden, ensuring that all AI processing happens within the European Union with full GDPR compliance.
Data Security
Encryption in Transit
All data transmitted to and from Open is encrypted using TLS 1.3. Every API call, webhook, and user interaction is secured end-to-end.
Encryption at Rest
Sensitive data including customer information, conversation logs, and authentication credentials are encrypted at rest using AES-256 encryption.
Your GDPR Rights
- βRight to access -Request a copy of your personal data we hold
- βRight to rectification - Correct inaccurate or incomplete data
- βRight to erasure - Request deletion of your personal data
- βRight to data portability - Export your data in a machine-readable format
- βRight to restrict processing - Limit how we use your personal data
- βRight to object -Object to processing of your personal data
- βRights related to automated decision-making - Not be subject to decisions based solely on automated processing
Security & Trust Center
For detailed information about our security practices, certifications, and compliance documentation, visit our Trust Center.
Visit Trust CenterQuestions about GDPR?
If you have any questions about how we handle your data or want to exercise your GDPR rights, contact us at security@open.cx