How Wareed will protect your emails and customer data. Clearly documented, EU-focused, GDPR-compliant by design. Without the marketing fluff.
All production data in EU data centers. Planned: Hetzner Falkenstein (Germany) for application data. The current landing page runs via Cloudflare Pages (DPF-certified, SCCs).
Your emails are not used to train AI models. Anthropic, under its Commercial Terms, does not use API content for model training.
TLS 1.3 in transit. API keys and secrets live only as environment variables, never in code. Dashboard access is protected by an admin token with constant-time comparison (defends against timing attacks). Planned: at-rest disk encryption and multi-user passwords with bcrypt.
One-click deletion. Full data exports anytime. No lock-in. Cancel any time, effective end of month.
Full transparency about the planned architecture. You see exactly which data Wareed will process.
Last updated: May 2026 · Status "planned" = architectural decision finalized, implementation to follow before product launch · Changes will be announced at least 30 days in advance.
Planned list of all third parties with data access. A DPA with each provider will be signed before product launch.
AI processing of emails (Claude API). Per Anthropic's Commercial Terms, API content is not used for model training.
Server hosting in Falkenstein. Intended for application servers at product launch.
CDN, DDoS protection and SSL for the landing page (active). Planned for production app endpoints with an EU caching strategy.
Payment processing. We never see card data.
Architecture designed to be GDPR-compliant. DPA template in preparation.
in preparationDesigned around the transparency obligations for AI systems.
plannedCertification targeted for 2027. Our hosting provider is already ISO-certified.
2027 plannedFull technical and legal documentation as a PDF. Ready to forward to your data protection and security teams.
Also available in German and Arabic.
Need a tailored version for your company? info@wareed.de