Standaard EU-gehost. Jouw LLM-keys, jouw data. AVG DPA bij plan-upgrade.
Production data is hosted in Azure West Europe. Your data does not leave the EU under the standard SMB plan. Self-hosted Docker Compose stack is available on the Business plan for customers that need it.
Bring your own Azure OpenAI, Mistral, OpenAI, or self-hosted model API key. Your customers' prompts never touch our LLM accounts — they go through your tenant directly.
A standard GDPR Data Processing Agreement is automatically attached when you upgrade to a paid plan. Sub-processor list is public. Trial users can request the DPA preview at any time.
Every launch App ships with an EU AI Act risk classification statement so your DPO has a paper trail. ZedFlows itself is a tooling layer — classification depends on what you build with it, and we surface the determination per App.
Business-plan customers get a per-organization audit log via /my/organization/security: every login, App install, workflow run, credential change, and admin action timestamped, exportable as JSON.
Every plan has a toggle that pauses execution at the monthly limit. We never auto-bill you over your tier — the cap lives in the product, not just on the marketing page.
Need anything else for your IT review? Email [email protected] — we'll come back within one business day with the security pack.