Security & compliance

GDPR readiness

At Eloquent, your privacy and data protection are not an afterthought — they are part of the foundation.

Eloquent is a product of Savvy.codes B.V., a Dutch software company that develops, hosts, and manages Eloquent entirely within its own infrastructure and processes. This means your data is handled under strict European privacy regulations, including the General Data Protection Regulation (GDPR).

Hosting and infrastructure

  • Servers in the Netherlands → All data is hosted within the European Economic Area (EEA).
  • ISO 27001-certified → Savvy.codes is certified to ISO/IEC 27001:2022, the international standard for information security.
  • Controlled environment → From access management to data storage, all processes are structured, secure, and regularly audited.

Use of external AI models

To provide advanced AI capabilities, Eloquent integrates with external AI models via APIs. Data handling depends on the provider:

  • OpenAI (ChatGPT) → Data stored up to 30 days for service and abuse monitoring (unless zero data retention agreement is in place).
  • Anthropic (Claude) → Input/output removed within 30 days by default (unless agreed otherwise).
  • Google (Gemini) → Retention configurable (3, 18, 36 months) or disabled; however, conversations may be retained up to 72 hours for safety.
  • Mistral → Data indexed via Knowledge Connections is stored as long as the connection is active, and is deleted when the connection is disabled.

Storage of user data

All user data and conversations are stored on Savvy.codes servers in the Netherlands. This ensures full control over data handling and compliance with both GDPR and ISO 27001 standards.

GDPR principles we follow

Eloquent has been designed with GDPR compliance in mind:

  • Data minimization → We only process what’s necessary.
  • Transparency → Users know what happens with their data.
  • User rights → Mechanisms are in place to support requests for access, correction, or deletion.
  • DPA availability → Agencies working with Eloquent can request a Data Processing Agreement to formalize the processor–controller relationship.
  • Incident response → Clear protocols are in place to limit impact and ensure continuity if something goes wrong.

What this means for you

By using Eloquent, you choose a platform that:

  • Processes all data within the EU.
  • Operates within ISO 27001-certified security practices.
  • Treats privacy as a baseline condition, not a checkbox.

If you need more information, or if your organization requires a Data Processing Agreement, contact us at [email protected].

Vorige

ISO 27001

Volgende

Plans