Your data, handled properly.
We build AI systems that handle real business data, so we treat yours the way you would. Here is exactly where it goes, who touches it, and the rights you keep.
Where your data is processed
Automations run on EU and US cloud infrastructure. We store the minimum needed to run your workflow and nothing we do not need. If your project requires EU-region processing or data residency, we set that up before we build.
Sub-processors
We only connect the tools a given workflow actually needs, on your behalf: the AI providers (OpenAI, Anthropic), the orchestration layer (n8n), and your own systems (CRM, email, CMS, Stripe). You get the full list for your build in writing, and you keep ownership of every account and API key.
GDPR and your rights
You remain the data controller; we act as your processor. A Data Processing Agreement (DPA) is available on request and signed before any live data is touched. Access, correction, and deletion requests are honoured, and we can purge project data on offboarding.
Security practices
Least-privilege API keys scoped to each workflow, secrets kept in environment variables (never in code or repos), and access revoked the moment a project ends. Delivered systems, code, and IP transfer to you on full payment.
Contracts and invoicing
You contract and are invoiced through Webex LLC, registered in Montana, USA. Contracts are in English, and we cover EU business hours so you are never waiting on a different timezone for answers.
Have a specific question about data handling or need a DPA before we start?