Designed for
the GDPR.
Most AI tools promise compliance. lynox keeps data on your infrastructure — so there's less to promise in the first place.
AI providers in the EU
Choose where
the AI runs.
Default. Fast, full model access. Data transits US servers.
Claude in the EU. No transatlantic transfer. AWS EU entity as processor.
Claude via GCP. EU data residency. Google EU entity as processor.
French company. Own models, native tool calling. No US parent, no CLOUD Act.
18+ open-source models. French cloud provider. Very affordable.
60+ models, EU infrastructure. 99.9% SLA.
Run LLaMA, Qwen, or Mistral locally. Zero data leaves your network.
GDPR mapping
Article by article.
Covered.
lynox only sends conversation context to the AI provider. No bulk data export, no background sync.
Delete the SQLite file. Or delete specific entities via the Knowledge Graph UI. Immediate, complete, verifiable.
Your data is SQLite files. Copy them. Read them with any SQLite tool. No export request, no 30-day wait.
Self-hosted architecture. No telemetry. Encrypted vault. Permission-based tool access. Not a policy — a design decision.
Your AI provider is the only processor. You sign their DPA directly. Self-hosted lynox is software on your server — no DPA with us needed.
Use Bedrock Frankfurt or Vertex Belgium. Your data stays in the EU. No SCCs needed, no transfer impact assessment.
CLOUD Act
No US jurisdiction
over your data.
The CLOUD Act lets US authorities request data from US companies — regardless of where the data is stored. This affects every US-headquartered SaaS you use.
With lynox + AWS Bedrock Frankfurt: your server is in the EU, your AI runs in the EU, and your AI provider's EU entity processes the data. This minimizes US jurisdiction exposure, though AWS Inc. (US parent) remains in the corporate chain.
This is not legal advice. Consult your DPO or legal team for your specific compliance requirements.
Give this page
to your legal team.
Then set up lynox with Bedrock Frankfurt. The architecture speaks for itself.
Get started →