No, we do not use any of your data to train AI models used in our core solutions. There might be edge use cases, for which a custom-trained model might perform better. In those cases, we can deploy a custom model exclusively for and with the expressive consent of the customer. Such models will not be used for any other customers.

We mostly use Microsoft Azure Europe with servers in Switzerland and Sweden to host our models, who comply with GDPR, DIN/ISO/IEC 27001 (incl. Germany C5) and DIN/ISO/IEC 27018. We might use other model providers (e.g. Google AI Services Europe) for specific use cases or custom-trained models, however only if compliant with GDPR requirements.

We are aware that we are dealing with sensitive data. This is why we built an IT infrastructure with enterprise-grade security: turian is ISO 27001 certified. We adhere to all relevant data protection regulations of GDPR, ensuring that our processes and systems are fully compliant with these standards. Our hosting partners (AWS Germany and France for our app servers, Microsoft Azure Europe for our AI models) comply with GDPR, DIN/ISO/IEC 27001 and DIN/ISO/IEC 27018. Our standard Data Protection Agreement, including our Technical and Organisational Measures is available on request.

Data resulting from using our automation software is never stored anywhere else than on your own system infrastructure or, if you prefer, on our cloud servers (see question "Is any of my data stored? If so, where?”). All databases used for client projects are separated from each other. Of course, none of our other clients can get access to any other client's data (e.g., process logs, prompts, responses) and internal access is on a strict need-to-use basis.

turian is ISO 27001 certified. Moreover, the data centers we are using for the models (Microsoft Azure Europe) as well as for our web applications (AWS Germany / France) are certified in accordance with DIN/ISO/IEC 27001 (incl. Germany C5) and DIN/ISO/IEC 27018.

The Azure OpenAI Service is fully controlled by Microsoft; Microsoft hosts the OpenAI models in Microsoft’s Azure environment and the Service does NOT interact with any services operated by OpenAI (e.g. ChatGPT, or the OpenAI API).

All of your data (e.g. prompts (inputs), completions (outputs), embeddings, and your training data):

• are NOT available to other customers.
• are NOT available to OpenAI.
• are NOT used to improve OpenAI models.
• are NOT used to improve any Microsoft or 3rd party products or services.

We prioritize data security and implement stringent measures to protect your data.

We offer two storage options for data that is generated by our software solution (e.g. process logs):

1. Using your own servers: If desired, the customer can set up a SQL database in their own environment and grant access to us. In this case, all data storage takes place at the customer's premises and only processing "in transit" takes place on our servers (when using our software solution). In this scenario, the customer is responsible for the maintenance, availability, and security of the database(s).
   ‍
2. Using our servers: In this case, we use AWS servers located in Frankfurt and Paris to store your data (e.g. process logs, model outputs, document cache) securely and redundantly. AWS complies with all required data protections, incl. GDPR, DIN/ISO/IEC 27001 and DIN/ISO/IEC 27018. Data at-rest and in-transit are protected using cryptographic libraries certified to approved standards, including 256 bit end-to-end encryption.