Data privacy & data sovereignty
Our data privacy guarantee
Sovereignty is not just a marketing claim for us. We do not engage in “sovereignty washing” or cloudwashing. True data sovereignty and strict data privacy have been part of the 9brains DNA from day one. We built the platform specifically for mid-market companies in the German-speaking region so they can use state-of-the-art AI without compromising on security.
The essentials at a glance
- Software “Made in Germany” — 9brains is developed, supported and legally accountable in Germany. We provide a secure, domestic foundation for using global and European AI technology.
- Hosting at Hetzner instead of US hyperscalers — We deliberately do not host our platform at American cloud giants, but at Hetzner in Germany. The three main advantages for you:
  - Protection from the US CLOUD Act: No legal backdoors for foreign authorities; your data is subject to European law only.
  - True technological independence: No hidden dependencies (vendor lock-in) on big tech corporations.
  - Sustainability & efficiency: The data centers run on 100% green electricity and operate with extremely low resource consumption.
- Three usage modes for maximum flexibility:
  - GDPR mode (default): Aligned with the European General Data Protection Regulation for secure everyday business use.
  - EU mode: Highest GDPR compliance with guaranteed, full data processing physically inside the EU.
  - Global mode (Frontier): Access to the world’s best models without geographical restrictions (for non-critical data).
- No model training with your data — Neither your inputs nor generated responses are ever used to train AI models. Your chat histories, knowledge bases and files are stored exclusively on our own servers.
- Full transparency per model — For every AI model, the status (cost, GDPR, zero data retention, default eligibility) is available at any time in the overview table.
- Strict data separation & encryption — Each workspace is logically strictly isolated from others (tenant separation). All data is encrypted in transit and at rest according to the highest enterprise standards.
- EU AI Act ready — 9brains is designed as an AI platform that makes it easy for companies to comply with the transparency and documentation requirements of the new European AI Regulation (EU AI Act).
The data flow explained
When you send a message in chat, it travels along the following path:
1. Secure input
Your message is protected by TLS encryption from the very first character, comparable to a tap-proof tunnel between your browser and our servers in Germany.
2. Preparation on the platform
Our server prepares your request and enriches it with relevant context:
- Chat history — The previous conversation is sent along so the AI understands the context
- Knowledge bases — If relevant, matching content from your knowledge bases is added
- Personal settings — Your preferences (form of address, tone, expertise level) flow in
3. Request to the AI model
The prepared data package is sent to the chosen AI model via a secure API. The model processes the request and returns the response.
Crucial: No AI provider uses your data for training. With models that support Zero Data Retention, the data is discarded immediately after processing. The exact status per model is available in the overview table.
4. Secure storage
The response returns to our platform. Your entire chat history is stored on our servers in Germany so you can access it at any time. Row-Level Security (RLS) in the database ensures that each workspace works like its own sealed vault. Users from another workspace can never access your data.
5. Delivery to you
The finished response is sent back to your browser, again with TLS encryption, and displayed.
The four data privacy tiers
Every AI model, whether chat or image model, is labeled with a data privacy tier. This way you always see under which conditions your data is processed when selecting a model.
| Tier | What does it mean? | Data processing | Suitable for |
|---|---|---|---|
| EU-Sovereign | EU provider on EU infrastructure. Full data control within the EU, no access by third countries possible | Exclusively in the EU | Regulated industries (healthcare, finance, legal), highest compliance requirements |
| GDPR | International provider, but processing on EU servers. Data processing agreement (DPA) guarantees GDPR compliance, no data transfer to third countries | Exclusively in the EU | Business data, personal data, confidential information |
| GDPR (DPF) | International provider with EU-US Data Privacy Framework certification. Data may be processed in the US; the EU Commission’s adequacy decision ensures GDPR compliance | EU or USA (DPF-certified) | Business data and personal data, GDPR-compliant, but without an EU processing guarantee |
| Global | No EU server location and no DPF certification. No guarantee of GDPR-compliant processing | Worldwide, no protection framework | General requests without sensitive or personal data |
What can I do with each tier?
EU-Sovereign, GDPR and GDPR (DPF): Here you can work with:
- Personal data (names, addresses, emails)
- Confidential business data (finance, strategy, contracts)
- Customer and employee data
Note: With GDPR (DPF) models, the data does not leave the EU legal framework (thanks to the adequacy decision), but it can be physically processed in the US. For regulated industries (healthcare, finance, legal) we recommend EU-Sovereign, since industry-specific requirements often go beyond the GDPR.
Global: Suitable for:
- General text work (summaries, translations, brainstorming)
- Publicly available information
- Creative tasks without sensitive content
Tip for administrators: In the model settings you can enable only GDPR-compliant models for your workspace and disable global models.
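The tier rules above (sensitive data only in the EU-Sovereign, GDPR and GDPR (DPF) tiers; Global only for non-sensitive work; an admin switch that restricts a workspace to GDPR-compliant models; EU-Sovereign recommended for regulated industries) can be expressed as one policy check that a model picker or API gateway evaluates before a request leaves the platform. The script below is an added illustration and not 9brains' own code: the tier names, data categories and the admin setting come from this page, while the function and class names, the `regulated_industry` switch, the small model catalog and the workspace policy object are constructed assumptions.

```python
"""Model-selection policy check: which data may go to which privacy tier.

Added illustration, not 9brains' own code. Tier names, data categories and
the "GDPR-compliant models only" admin switch are taken from the page; the
class/function names, the regulated_industry switch, the model catalog
subset and the policy object are constructed assumptions.
"""
from dataclasses import dataclass
from enum import Enum


class Tier(str, Enum):
    EU_SOVEREIGN = "EU-Sovereign"
    GDPR = "GDPR"
    GDPR_DPF = "GDPR (DPF)"
    GLOBAL = "Global"


# Tiers under which personal or confidential data may be processed at all.
GDPR_COMPLIANT_TIERS = frozenset({Tier.EU_SOVEREIGN, Tier.GDPR, Tier.GDPR_DPF})


class DataClass(str, Enum):
    PUBLIC = "public"              # publicly available info, creative tasks
    PERSONAL = "personal"          # names, addresses, emails
    CONFIDENTIAL = "confidential"  # finance, strategy, contracts


@dataclass(frozen=True)
class Model:
    name: str
    tier: Tier


@dataclass
class WorkspacePolicy:
    # Admin switch from the page: allow only GDPR-compliant tiers in this workspace.
    gdpr_compliant_only: bool = False
    # Constructed switch: regulated industry (healthcare, finance, legal), where the
    # page recommends EU-Sovereign for anything beyond public data.
    regulated_industry: bool = False


@dataclass(frozen=True)
class Decision:
    allowed: bool
    reason: str


def check_model_use(model: Model, data: DataClass, policy: WorkspacePolicy) -> Decision:
    """Return whether `data` may be sent to `model` under `policy` (fail closed)."""
    # 1. Workspace-wide allowlist set by the administrator, independent of the request.
    if policy.gdpr_compliant_only and model.tier not in GDPR_COMPLIANT_TIERS:
        return Decision(False, f"{model.name} is {model.tier.value}; workspace allows GDPR-compliant tiers only")
    # 2. Per-request data classification: sensitive data never goes to a Global model.
    if data is not DataClass.PUBLIC and model.tier not in GDPR_COMPLIANT_TIERS:
        return Decision(False, f"{data.value} data must not be processed by a {model.tier.value} tier model")
    # 3. Regulated industries: DPF models may process in the US and GDPR models are run
    #    by non-EU providers, so require the EU-Sovereign tier for sensitive data.
    if policy.regulated_industry and data is not DataClass.PUBLIC and model.tier is not Tier.EU_SOVEREIGN:
        return Decision(False, f"regulated workspace: {data.value} data requires EU-Sovereign, {model.name} is {model.tier.value}")
    return Decision(True, f"{data.value} data may be processed by {model.name} ({model.tier.value})")


# Constructed subset of the page's model table (tiers exactly as listed there).
CATALOG = {
    "GPT-5.5": Model("GPT-5.5", Tier.GDPR),
    "GPT-5.2": Model("GPT-5.2", Tier.GDPR_DPF),
    "GPT-OSS 120B": Model("GPT-OSS 120B", Tier.EU_SOVEREIGN),
    "DeepSeek V3.2": Model("DeepSeek V3.2", Tier.GLOBAL),
}


def allowed_models(data: DataClass, policy: WorkspacePolicy) -> list:
    """Names of catalog models that `policy` permits for `data`, e.g. to populate a picker."""
    return [m.name for m in CATALOG.values() if check_model_use(m, data, policy).allowed]


if __name__ == "__main__":
    default = WorkspacePolicy()
    regulated = WorkspacePolicy(gdpr_compliant_only=True, regulated_industry=True)
    for data in DataClass:
        print(f"{data.value:13} default:   {allowed_models(data, default)}")
        print(f"{data.value:13} regulated: {allowed_models(data, regulated)}")
```

The check is ordered so that the administrator's workspace-wide restriction wins regardless of what a user classifies the request as, and every deny carries a reason that can be shown in the UI or written to an audit log.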
EU-US Data Privacy Framework (DPF)
The EU-US Data Privacy Framework is an adequacy decision of the EU Commission dated July 10, 2023. It establishes that DPF-certified US companies offer an adequate level of data protection. Data transfer to these companies is therefore GDPR-compliant, even if processing takes place in the US.
What does this mean for model selection?
Models with the GDPR (DPF) tier are operated by DPF-certified providers (e.g. Google, Microsoft, Amazon Web Services). The data may be processed physically in the US but is subject to the same legal protection framework as EU processing.
Difference to GDPR (EU processing)
| | GDPR | GDPR (DPF) |
|---|---|---|
| Legal basis | DPA + EU server location | DPA + DPF adequacy decision |
| Data processing | Exclusively in the EU | EU or USA |
| GDPR-compliant? | Yes | Yes |
| Recommendation | All use cases | All use cases; for particularly sensitive data prefer EU processing |
Zero data retention & no training
No training
All AI providers are contractually obligated not to use your data for training their models. This applies to all models, regardless of the data privacy tier. Neither your inputs nor the generated responses flow into training.
Zero data retention (ZDR)
“Zero data retention” means: your data is deleted by the AI provider immediately after processing; no temporary storage takes place.
The ZDR status is available per model in the overview table. With models that do not support ZDR, temporary storage at the provider can occur (e.g. for abuse detection), but the data is not used for training.
Data privacy status of AI models
The following tables show the data privacy status of all available models, including location, data privacy tier, training status and zero data retention:
Chat models
| Model | Location | Privacy tier | No training | Zero data retention |
|---|---|---|---|---|
| OpenAI | | | | |
| GPT-5.1 | Paris, France | GDPR | Yes | — |
| GPT-5.5 | Stockholm, Sweden | GDPR | Yes | Yes |
| GPT-5.4 | Paris, France | GDPR | Yes | — |
| GPT-5.2 | USA | GDPR (DPF) | Yes | — |
| GPT-5.4 Mini | USA | GDPR (DPF) | Yes | — |
| GPT-5.4 Nano | USA | GDPR (DPF) | Yes | — |
| GPT-OSS 120B | Mäntsälä, Finland | EU-Sovereign | Yes | Yes |
| Anthropic | | | | |
| Claude Opus 4.8 | EU | GDPR | Yes | Yes |
| Claude Opus 4.7 | EU | GDPR | Yes | Yes |
| Claude Opus 4.6 | EU | GDPR | Yes | Yes |
| Claude Sonnet 4.6 | EU | GDPR | Yes | Yes |
| Claude Haiku 4.5 | EU | GDPR | Yes | Yes |
| Google | | | | |
| Gemini 3.1 Pro | USA | GDPR (DPF) | Yes | Yes |
| Gemini 3 Flash | USA | GDPR (DPF) | Yes | Yes |
| Gemini 3.5 Flash | EU | GDPR | Yes | Yes |
| Gemini 3.1 Flash Lite | EU | GDPR | Yes | Yes |
| Gemini 2.5 Pro | Netherlands | GDPR | Yes | Yes |
| Gemini 2.5 Flash | Netherlands | GDPR | Yes | Yes |
| ZhipuAI | | | | |
| GLM 5 | USA | Global | Yes | Yes |
| GLM 5.1 | Lund, Sweden | EU-Sovereign | Yes | Yes |
| Qwen (Alibaba) | | | | |
| Qwen3.5 397B Thinking | USA | Global | Yes | Yes |
| Moonshot AI | | | | |
| Kimi K2.6 | USA | GDPR (DPF) | Yes | — |
| DeepSeek | | | | |
| DeepSeek V3.2 | USA | Global | Yes | Yes |
| xAI | | | | |
| Grok 4.3 | USA | GDPR (DPF) | Yes | — |
| Mistral AI | | | | |
| Mistral Large 3 | Paris, France | EU-Sovereign | Yes | — |
Image models
| Model | Location | Privacy tier | No training | Zero data retention |
|---|---|---|---|---|
| Google | | | | |
| Gemini 3 Pro (Nano Banana Pro) | USA | GDPR (DPF) | Yes | Yes |
| Gemini 3.1 Flash (Nano Banana 2) | Netherlands | GDPR | Yes | Yes |
| Imagen 4 Ultra | Netherlands | GDPR | Yes | Yes |
| Black Forest Labs | | | | |
| FLUX.2 Pro | Paris, France | GDPR | Yes | — |
| FLUX.2 Flex | Paris, France | GDPR (DPF) | Yes | — |
| OpenAI | | | | |
| GPT Image 1.5 | Stockholm, Sweden | GDPR | Yes | — |
| GPT Image 2 | Stockholm, Sweden | GDPR (DPF) | Yes | — |
Zero data retention for Microsoft Azure OpenAI has been requested.
Where is my data stored?
| Data type | Storage location | Encryption |
|---|---|---|
| Database (chat histories, user accounts) | Falkenstein, Germany | TLS (in transit), secrets/tokens AES-encrypted |
| Knowledge bases (documents) | Falkenstein, Germany | TLS (in transit) |
| Vector database (RAG search) | Falkenstein, Germany | TLS (in transit) |
| Files & images (S3 storage) | Frankfurt, Germany | AES-256 client-side encryption (CSE, at rest) |
| Backups | Helsinki, Finland | AES-256 (at rest) |
| At AI providers | Depends on the model, see overview table | TLS (in transit) |
All data is stored on our infrastructure in Germany. Backups are located in Helsinki (EU) and are AES-256-encrypted. AI providers only receive the information necessary for processing. Whether and for how long it is temporarily stored at the provider depends on the model (see overview table).
Security measures
Encrypted transmission
All connections between your browser and our servers are protected by TLS encryption. This applies to both your inputs and the AI’s responses.
Encrypted storage
All files are encrypted with AES-256 client-side encryption (CSE) before upload. Encryption takes place on our platform, i.e. on the client side of the storage provider, before the data reaches it. The storage provider has no access to the contents. Backups are also AES-256-encrypted.
Tenant separation
Each workspace is fully isolated. Row-Level Security in the database ensures that no access to data from other workspaces is possible, not even accidentally.
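Tenant separation by Row-Level Security, as mentioned in step 4 of the data flow above and in this section, means the database itself enforces the workspace boundary on every row instead of trusting each application query to remember a filter. The following Python script is an added illustration, not 9brains' code: it reproduces the pattern in SQLite, which has no native RLS, by binding a workspace id to the session and routing all access through a view and an INSTEAD OF trigger that play the role of a Postgres RLS policy and its WITH CHECK clause. Table, view and function names and the sample rows are constructed.

```python
"""Tenant separation enforced in the database layer, not per query.

Added illustration, not 9brains' code. It mimics the row-level-security
pattern described on the page with SQLite (which has no native RLS):
a session-scoped workspace id plus a view and an INSTEAD OF trigger stand
in for an RLS policy. Table, view, function names and rows are constructed.
"""
import sqlite3
from typing import List, Optional

SCHEMA = """
CREATE TABLE chats (
    id           INTEGER PRIMARY KEY,
    workspace_id TEXT NOT NULL,
    owner        TEXT NOT NULL,
    title        TEXT NOT NULL
);
-- One row holding the workspace the current connection acts for (session context).
CREATE TABLE session_ctx (workspace_id TEXT);
-- All reads go through this view, so the tenant predicate cannot be forgotten.
-- With no session context the subquery is NULL and the view returns nothing (fail closed).
CREATE VIEW chats_rls AS
    SELECT * FROM chats
    WHERE workspace_id = (SELECT workspace_id FROM session_ctx);
-- Writes through the view are stamped with the session's workspace id,
-- the equivalent of an RLS WITH CHECK clause: a user cannot write into another tenant.
CREATE TRIGGER chats_rls_insert INSTEAD OF INSERT ON chats_rls
BEGIN
    INSERT INTO chats (workspace_id, owner, title)
    VALUES ((SELECT workspace_id FROM session_ctx), NEW.owner, NEW.title);
END;
"""


def open_db() -> sqlite3.Connection:
    """In-memory database with two constructed tenants (workspaces)."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    conn.executemany(
        "INSERT INTO chats (workspace_id, owner, title) VALUES (?, ?, ?)",
        [("ws-acme", "alice", "Q3 budget"),
         ("ws-acme", "bob", "Contract draft"),
         ("ws-globex", "carol", "Hiring plan")],
    )
    return conn


def set_workspace(conn: sqlite3.Connection, workspace_id: str) -> None:
    """Bind the connection to one tenant, like setting a session variable before RLS checks."""
    conn.execute("DELETE FROM session_ctx")
    conn.execute("INSERT INTO session_ctx VALUES (?)", (workspace_id,))


def list_chat_titles(conn: sqlite3.Connection) -> List[str]:
    """Application code adds no workspace filter; the view supplies it."""
    return [row[0] for row in conn.execute("SELECT title FROM chats_rls ORDER BY id")]


def lookup_chat(conn: sqlite3.Connection, chat_id: int) -> Optional[str]:
    """Lookup by a guessed or leaked id still yields nothing for another tenant's row."""
    row = conn.execute("SELECT title FROM chats_rls WHERE id = ?", (chat_id,)).fetchone()
    return row[0] if row else None


def create_chat(conn: sqlite3.Connection, owner: str, title: str) -> str:
    """Insert through the view and return the workspace id the trigger stamped on the row."""
    conn.execute("INSERT INTO chats_rls (owner, title) VALUES (?, ?)", (owner, title))
    return conn.execute("SELECT workspace_id FROM chats ORDER BY id DESC LIMIT 1").fetchone()[0]


if __name__ == "__main__":
    db = open_db()
    print("no context:", list_chat_titles(db))          # []
    set_workspace(db, "ws-acme")
    print("ws-acme:", list_chat_titles(db), lookup_chat(db, 3))
    set_workspace(db, "ws-globex")
    print("ws-globex:", list_chat_titles(db), create_chat(db, "carol", "Onboarding"))
```

The two properties worth checking in any RLS setup are visible here: an unset session context returns no rows rather than all rows, and a direct lookup by another tenant's row id returns nothing, which is what “not even accidentally” demands of the application layer.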
Authentication
- Password-based sign-in or Microsoft SSO
- Optional two-factor authentication (MFA), enforceable by administrators
- Secure session management
Personal privacy within the workspace
Tenant separation protects your data against other workspaces. Within your own workspace there is a second protection layer: personal content stays private per user, even from administrators. The overview below shows who can see what:
| Content | You | Other users | Workspace admin |
|---|---|---|---|
| Chat histories | Visible | Not visible | Not visible |
| Personal memory notes | Visible and editable | Not visible | Not visible |
| Automatic profile (memory) | Visible (read-only) | Not visible | Not visible |
| Personal agents | Visible | Not visible | Only existence, usage and status in usage analytics, no content |
| Chat threads with a shared agent | Private per user | Not visible | Not visible |
| Autonomous agent runs (cron, webhook) | Visible (if agent access) | Visible (if agent access) | Visible (if agent access) |
| Personal knowledge bases | Visible | Only with explicitly assigned permission | Only existence, no content without permission |
What an administrator sees
Administrators need an overview to manage licenses, costs and compliance. They therefore see:
- Usage statistics such as number of messages, active days and the model used per user
- Existence and usage of agents in the workspace, with spend cap and status, to detect and act on “runaway” agents
- Autonomous agent runs, provided the admin has access to the respective agent
Administrators do not see:
- The content of your chat messages
- Your personal memory notes or your automatic profile
- Your personal chat threads with agents
- Content of private knowledge bases for which they have no permission
Is there an anonymous or private mode?
Not at this time. Every chat lands in your personal history and is not visible to anyone else. An additional option for sessions that are not stored at all is not currently available.
EU AI Act & regulatory classification
The EU AI Act (EU AI Regulation) regulates the development and use of artificial intelligence in Europe. Since 9brains is designed for professional use in mid-market companies and large enterprises, we chose the architecture so that it actively supports companies in complying with the AI Regulation:
- No “high-risk AI” by default: 9brains is designed as an AI platform (general-purpose AI). Regular use as a digital assistant, for text work, image generation or RAG (knowledge search) does not fall into the category of notifiable high-risk AI systems (such as biometric surveillance or AI in recruiting).
- Transparency by design: The platform makes it transparent at all times that users are interacting with an AI. For generated content, we apply the principle of traceability.
- Aggregation advantage: As the operator of the platform, we integrate the AI models via APIs. The strict requirements of the AI Act regarding training data, copyrights and energy consumption (for GPAI models) must be demonstrated by the manufacturers of the models (OpenAI, Google, Mistral, etc.). We shield you from direct dependencies.
- Supply chain evidence: In particular through our transparent models in the EU-Sovereign tier, companies can demonstrate seamlessly which technology is operated where.
Note: If customers integrate 9brains deeply via our API into their own, potentially critical business processes, the final risk assessment under the AI Act lies with the integrating company.
Frequently asked questions
Is my data used for AI training?
No. All AI providers are contractually obligated not to use your data for training. This is laid down in our data processing agreement (DPA).
What is the difference between EU-Sovereign, GDPR and GDPR (DPF)?
- EU-Sovereign: The provider is a European company and the entire infrastructure is under EU control. Data stays exclusively in the EU.
- GDPR: The provider is an international company (e.g. OpenAI, Google) that performs processing on EU servers and is bound to GDPR via a DPA. Data stays exclusively in the EU.
- GDPR (DPF): The provider is DPF-certified. Data may be processed in the US but is protected in a GDPR-compliant way by the EU Commission’s adequacy decision.
Can my administrator read my chats?
No. Administrators can view usage statistics (e.g. number of messages) but have no access to chat content. This also applies to your personal memory notes, your automatic profile and your private chat threads with agents. Details are given under “Personal privacy within the workspace” above.
What happens to my data when I switch models?
Your chat history is fully preserved. It is stored on our servers and made available to the new model when needed. No data is used for training at the previous provider. Whether temporary storage takes place depends on the model’s ZDR status.
Can I have my data deleted?
Yes. You can delete individual chats yourself at any time. For full data deletion, contact your administrator.
Can I see who accessed my files or knowledge contributions?
A personal access log at the level of individual files or knowledge entries is not offered by 9brains today. What you see as a workspace admin is the usage analytics with aggregated activity data per person (sessions, messages, knowledge queries, knowledge contributions). For connected integrations there is additionally a dedicated audit log per integration that makes all tool calls traceable.
May I process personal data with global models?
No. Personal data should only be processed with models in the EU-Sovereign, GDPR or GDPR (DPF) tier. With Global tier models, there is no legal protection framework for data transfer; processing of personal data is therefore not GDPR-compliant.