Designed with the GDPR in mind.
We're not certified — we do our best to get this right and are honest about the limits. The discipline here isn't marketing: the founder spent years setting up GDPR-compliant analytics + ad tracking for Swiss B2B + B2C firms before lynox. Architecture that keeps data on your infrastructure has less to promise. This page is not legal advice.
AI providers in the EU
Choose where the AI runs.
Primary model. Fast, full Claude model access. Data transits US servers.
Secondary and background tasks. French company. Own models, native tool calling. No US parent, no CLOUD Act.
Run LLaMA, Qwen, or Mistral locally. Zero data leaves your network.
GDPR mapping
Article by article.
How we approach it.
We're not certified and don't claim every use-case is covered. Here's what we do to take the GDPR seriously:
lynox only sends the conversation context the LLM actually needs to the AI provider. No bulk data export, no background sync. If you want finer-grained scoping, tools can be feature-flagged off.
Self-Hosted: delete the SQLite file, or delete specific entities via the Knowledge Graph UI. Managed: submit a deletion request through the dashboard or support; we process within the statutory timeframe.
Self-Hosted: your data is SQLite files — copy them anytime, read with any SQLite tool. Managed: export via the migration wizard from the dashboard, or open a support ticket — we deliver the bundle within the statutory timeframe (GDPR Art. 12(3): without undue delay, max 1 month). A full audit-trail spec for edge-cases is on the roadmap.
Self-Hosted architecture. No silent telemetry. Encrypted vault. Permission-based tool access. These are design decisions, not an audit stamp — but the audit material is open in the source code.
Self-Hosted lynox is software on your server — no DPA with us needed; your AI provider is the only processor. For Managed hosting, we sign the lynox DPA (link in the privacy policy) since we operate the runtime that processes your data on Hetzner DE. We maintain a sub-processor list on a dedicated page and notify affected customers on changes.
Use Mistral AI (France) or a local model to keep data in the EU. For Anthropic (US), the standard DPA and SCCs apply. We expose the provider in the dashboard — if you need to avoid US transit, that's a config switch.
lynox is an AI system interacting with humans. Provider + model are visible in the dashboard footer so end-users know they're interacting with AI. If you embed lynox in customer channels, we recommend you surface that disclosure there too.
lynox supports human-in-the-loop on sensitive workflow actions (approval prompts before sending email, before destructive operations). Workflows execute autonomously only after you explicitly promote them — never by default. Which operations count as "sensitive" is configurable in Settings.
CLOUD Act
US jurisdiction over your data — avoidable as far as we can make it.
The CLOUD Act lets US authorities request data from US companies — regardless of where the data is stored. This affects every US-headquartered SaaS in your stack.
With lynox + Mistral AI or a local model, your server can live in the EU, your AI runs in the EU, and no US-headquartered company is a processor in the data path. For customers who stick with Claude via Anthropic (US), the US transit remains — we disclose that openly in the privacy policy rather than burying it.
This is not legal advice. Consult your DPO or legal team for your specific compliance requirements. If you find gaps or unclear claims on this page, please tell us.
Give this page to your legal team.
Then set up lynox with Mistral AI or a local model. The architecture speaks for itself.