Trust­center

Your sovereign AI partner

Sovereign AI is trust. Sovereign AI is control. Sovereign AI is DeepVA.

Compliance & Security

Your partner for trust­worthy and secure AI.

DeepVA ensures maximum digital sover­eignty – for secure use within your organi­zation.

Data Sover­eignty

Local or EU-certified cloud deployment of all modules is possible. Full control over video, audio, and metadata. No Vendor Lock-in. 

Infra­structure Autonomy

Compatible with on-premises hardware, European data centers, and government IT standards.

Model Validation and Trans­parency

You can use and customize pre-trained models or your own models — no black boxes, fully exportable.

Legal Compliance

Complies with GDPR and AI Act regula­tions. Also offers ethical audit tools, risk-based model selection, and tools for bias reduction.

Relia­bility & Modularity

A stable and robust system with functional layers that meet all the require­ments of an AI platform

We are trusted by:

Standards

Data Security in accor­dance with EU Standards.

We ensure that both on-premises and cloud environ­ments meet the highest security and data protection standards – with a particular focus on compliance with European data protection regula­tions (GDPR). In doing so, we ensure that all data processing proce­dures are trans­parent, legally compliant, and aligned with European guide­lines.

Cloud Security

Maximum security in the cloud – protected end-to-end.

On-Prem Security

Your infra­structure. Your rules. Our security.

Service Description

All Services at a Glance.

Privacy

Smart AI. Smart Data Protection.

Strategic Goals

Guide­lines & Principles

Technical Orien­tation

Gover­nance & Control

Embedded Data Protection

Privacy by Design

TOM

Technical and organi­za­tional measures.

Always committed to protect your data.

Confi­den­tiality

Avail­ability

Integrity

Compliance & Gover­nance

Supplier Management

EU AI Act

AI in accor­dance with European regula­tions.

We contin­u­ously adapt our AI to new require­ments.

Early alignment with the EU AI Act
Consistent alignment with the GDPR
Opera­tions within the EU: on-premises or offline deployment possible
Focus on data sover­eignty and control
Data and model gover­nance
Technical trans­parency and trace­ability

Service Hub

As a regis­tered customer or partner, you can find additional documents here on data protection and compliance topics.

Legal Documents

Technical documen­tation

Master subscription agreement

Standard Support Plan

Privacy Policy

Legal notice

AI Act Adendum

Sub-processors

Model Provider

Speech­matics

Automated Speech Recog­nition (Speech-to-Text) for Audio/Video
Legal basis: Operated on DeepVA’s own servers

Headquarters: Great Britain
Certi­fi­ca­tions: ISO 27001:2022

DeepL

AI-Powered Text Trans­lation and Local­ization
Legal basis: Not required (German servers; data is not stored or used for machine learning on Pro plans)

Headquarters: Germany (DeepL SE)
Certi­fi­ca­tions: ISO 27001, BSI C5, SOC 2 Type II

Hosting Provider

Oracle cloud

Enter­prise cloud hosting, databases, high-performance AI infra­structure
Legal basis: No transfer to third countries when using the EU Sovereign Cloud. Backup: Binding Corporate Rules (BCR) & EU‑U.S. DPF.


Headquarters: U.S./ Ireland (Oracle Norway/ Ireland)
Certi­fi­ca­tions: ISO 27001, SOC 1/2/3, BSI C5

AWS

Cloud hosting, object storage (S3), compute resources, scala­bility.
Legal basis: No transfer to a third country when using the Frankfurt region. Backup: EU-US DPF & Standard Contractual Clauses (SCCs)

Headquarters: USA / Luxem­bourg (AWS EMEA SARL)

Certi­fi­ca­tions: ISO 27001, ISO 27017, ISO 27018, BSI C5, SOC 1/2/3

Hetzner

Infra­structure hosting, dedicated servers, backups
Legal basis: Not required (processing takes place exclu­sively in Germany and Finland)

Headquarters: Germany (Hetzner Online GmbH)
Certi­fi­ca­tions: ISO 27001

Verda

Cloud Provider, Computing Infra­structure for AI and ML
Legal basis: Generally, no data transfers to third countries when the software is operated in Germany

Headquarters: Finland
Certi­fi­ca­tions: GDPR-compliant operation in accor­dance with German IT standards

Raidboxes

Specialized WordPress hosting (often used for websites and marketing infra­structure)
Legal basis: Not required (hosting is provided on GDPR-compliant German servers).

Headquarters: Germany (Raidboxes GmbH)
Certi­fi­ca­tions: ISO 27001 (via the data center infra­structure used)

Research Partners / Technology Suppliers

Oracle cloud

Research Partners / Technology Providers
Legal basis: Not required (research insti­tution headquar­tered in Germany). Hosted on DeepVA’s own servers.

Headquarters: Germany

Certi­fi­ca­tions: Operates in accor­dance with strict BSI and Fraun­hofer IT security guide­lines

Customer Relationship

Hubspot

CRM
Legal basis: No legal basis required

Headquarters: United States / Ireland (HubSpot Ireland Ltd.)

Certi­fi­ca­tions: ISO 27001, SOC 2 Type II

HubSpot Analytics

Data Processors for CRM, Marketing, and Web Analytics Services
Legal basis: Partic­i­pation in the EU‑U.S. Data Privacy Framework; supple­mented by Standard Contractual Clauses (SCCs), Art. 45 DSGVO ergänzend Art. 46 Abs. 2 lit. c DSGVO

Headquarters: Cambridge, Massa­chu­setts, USA

Chargebee

Subscription Billing and Invoice Manage­mentSub­scription Billing and Invoice Management
Legal basis: No third-country transfer during normal operation, in backup DPF, and SCC.

Headquarters: U.S. / Nether­lands (Chargebee Europe B.V.)
Certi­fi­ca­tions: ISO 27001, PCI-DSS Level 1 (payment data), SOC 1/2

Microsoft 365

Cloud based services
Legal basis: No third-country transfer during normal operation, in backup DPF, and SCC.No third-country transfer during normal operation, in backup DPF, and SCC.

Headquarters: U.S. / Ireland (Microsoft Ireland Opera­tions Ltd.)
Certi­fi­ca­tions: ISO 27001, ISO 27018, BSI C5, SOC 1/2/3

Hotjar

Data processors for heat maps and user analytics
Legal basis: Generally, no transfer to third countries is required. If data is trans­ferred to service providers outside the EEA: SCCs.

Headquarters: St. Julian’s, Malta

Leadfeeder (Dealfront)

Data processors for B2B Visitor Identi­fi­cation and Lead Gener­ation
Legal basis: Generally, processing takes place within the EEA; for transfers to third countries, SCCs apply,Art. 46 Abs. 2 lit. c DSG.

Headquarters: Helsinki, Finland
(Dealfront Group, headquar­tered in Germany and Finland)

Leadinfo

Data processors for lead identi­fi­cation and website analysis
Legal basis: Processing takes place primarily within the EEA;
if subcon­tractors in third countries are used: SCCs, Art. 46 Abs. 2 lit. c DSGVO.

Headquarters: Rotterdam, Nether­lands

Google Family

Data processor for services such as Google Analytics, Google Tag Manager and Google Cloud
Legal basis: Partic­i­pation in the EU‑U.S. Data Privacy Framework; additionally, SCCs in the data processing terms, Art. 45 DSGVO (EU‑U.S. Data Privacy Framework); additional Art. 46 Abs. 2 lit. c DSGVO.

Headquarters: Google LLC: Mountain View, California, USA; Google Ireland Ltd.: Dublin, Ireland

FAQ

Frequently Asked Questions

Where is the data processed?

Aiconix only processes personal data of public figures from legit­imate sources, keeps customer data isolated, allows deletion of custom models, and enforces GDPR compliance through strict contractual rules.

Aiconix only processes personal data of public figures from legit­imate sources, keeps customer data isolated, allows deletion of custom models, and enforces GDPR compliance through strict contractual rules.

The AI system was trained using a combi­nation of propri­etary, publicly available, open-source, and partner-provided data and models.

Customer data is not used for training purposes.

Data is only stored for as long as necessary for processing purposes. For example, transcripts are retained for 30 to 90 days, depending on the module, to allow for optional post-processing such as summa­rization or trans­lation.
Customers may delete their data manually at any time before the end of this period.

The data is stored exclu­sively in European data centers and European cloud providers.

Updates

21.04.2026

Title ipsum dolor sit amet

Lorem ipsum dolor sit amet, consetetur sadip­scing elitr, sed diam nonumy eirmod tempor invidunt ut labore et dolore magna aliquyam erat, sed diam voluptua. At vero eos et accusam et justo duo dolores et ea rebum. Stet clita kasd gubergren, no sea takimata sanctus est Lorem ipsum dolor sit amet.

21.04.2026

Title ipsum dolor sit amet

Lorem ipsum dolor sit amet, consetetur sadip­scing elitr, sed diam nonumy eirmod tempor invidunt ut labore et dolore magna aliquyam erat, sed diam voluptua. At vero eos et accusam et justo duo dolores et ea rebum. Stet clita kasd gubergren, no sea takimata sanctus est Lorem ipsum dolor sit amet.

21.04.2026

Title ipsum dolor sit amet

Lorem ipsum dolor sit amet, consetetur sadip­scing elitr, sed diam nonumy eirmod tempor invidunt ut labore et dolore magna aliquyam erat, sed diam voluptua. At vero eos et accusam et justo duo dolores et ea rebum. Stet clita kasd gubergren, no sea takimata sanctus est Lorem ipsum dolor sit amet.

latest AI news

Subscribe to our newsletter

Don’t worry, we reserve our newsletter for important news, so we only send a few updates once in a while. No spam!