nunq logoTrust Center

Security & Compliance at nunq

Trust is the foundation of everything we build. nunq is developed in Germany and built with data privacy and security by design. This trust center gives you transparent access to our compliance status, security controls and legal documentation.

Contact us
EU-only Hosting and Data Processing
GDPR compliant · DPA included
No AI training on your data
Chat-Storing on your device

Compliance Status

European Stars
DSGVO
Compliant
ISO 27001 Shields
ISO
27001
In Progress

Security Controls

Platform Security Measures
  • TLS encryption for all data in transit
  • Client-side encryption of chat data on your device
  • Database-level encryption at rest
  • Role-based access control (RBAC)
  • Separated development and production environments
  • Show all
Additional Organizational Measures
  • Two-factor authentication for all users
  • Logical separation of data from different customers
  • Data Processing Agreements with all subprocessors
  • Data protection officer appointed
  • Written confidentiality obligations for all employees
  • Show all

Data Processing

See where your data is processed & stored

Resources

Data Processing Agreement (DPA)Technical & Organizational Measures (TOM)Privacy PolicyTerms & Conditions

Subprocessors

tegos
tegos GmbH (shared IT department)
Hosting (Microsoft Azure EU) and provision of AI models (via Microsoft Azure, Google Cloud, Amazon Web Services)
EU-only
Microsoft
Microsoft Ireland Operations Ltd.
Provision of AI models
EU-only
Google
Google Cloud EMEA Ltd.
Provision of AI models
EU-only
AWS
Amazon Web Services EMEA SARL
Provision of AI models
EU-only

Frequently Asked Questions

Where exactly is our data stored and processed?
nunq consists of three components: the nunq desktop app (running locally on your device), the nunq server, and AI model providers. The desktop app stores chat messages and captured window contexts on long-term exclusively on your local device, encrypted and never synced to nunq's server. Our server in Germany (Microsoft Azure, Frankfurt) stores data such as assistant setups, prompt templates, and knowledge bases. For AI inference, messages are forwarded to one of our EU-based model providers (Microsoft Azure, Google Cloud, or AWS). They are all contractually prohibited from training on your data, storing it long-term, or using it for any secondary purpose. See the for a visual overview and deeper information.
Is our data used to train AI models?
No, never. Your data, including prompts, responses, uploaded files, knowledge base content, and conversation history, is never used to train AI models, neither by nunq nor by any of our AI model providers. This is contractually enforced with every subprocessor through explicit data processing terms that prohibit any use of customer data for training purposes.
Does our data leave Europe?
No. All nunq infrastructure is hosted within Europe. Our server is located in Frankfurt, Germany, on Microsoft Azure and we only make AI model providers available on the platform that process data exclusively within the EU. Your data is never routed to data centers outside of Europe as part of standard platform usage.
Is nunq GDPR compliant?

Yes. nunq is based in Germany and therefore falls under GDPR regulations. We strictly follow all requirements set out by the GDPR. Specifically:

  • nunq's server and database are hosted exclusively in the EU.
  • All data processing takes place within the EU.
  • We have incorporated a Data Processing Agreement (DPA) directly into our terms and conditions, enabling our customers to process personal data with nunq in a compliant manner.
  • We only engage subprocessors under strict conditions: each subprocessor must meet our data protection requirements and is bound by a GDPR-compliant DPA before any data processing takes place.
Trust Center | nunq - Security & Compliance