ANV
-Gyro
Security & data flow
Orb
About
Start free →
// Security one-pager · for procurement, compliance, DPOs
Security & data flow —
straight answers
.
Operator
Anova IT, s.r.o.
Hosting
AWS Frankfurt
Encryption
TLS 1.3 + AES-256
Governing law
Czech Republic
Uptime target
99.5% / month
Training on your data
Never
// Data flow · where bytes go
What leaves your browser.
And what doesn't.
Your browser
Lasso content only
No clipboard · no keylog
TLS 1.3
ANV-Gyro gateway
AWS Frankfurt · EU
Anonymize identity
Memory layer (vector)
Encrypted at rest (KMS)
content only
content only
EU stays EU
Anthropic (Claude)
US · zero retention tier
SCC
OpenAI (GPT)
US · no training optout
SCC
Mistral (Ministral)
EU · Paris
PostgreSQL + Qdrant
memory (EU only)
/* BYOK path */
If you bring your own API key, the gateway still anonymizes,
but the provider bills you directly. Key encrypted at rest (KMS).
EDGE MODE:
chain stops at
your device.
Zero egress.
// Subprocessors · Article 28 §2 GDPR
Who else touches your data.
Processor
Purpose
Location
Transfer basis
Amazon Web Services EMEA
EU · Frankfurt
Anthropic, PBC
US
OpenAI, OpCo LLC
US
Mistral AI
EU · Paris
Stripe Payments Europe
EU · Ireland
Google Identity
Global
// GDPR Article 28 · DPA
Data Processing Agreement —
signed in 1 working day
.
What's in our standard DPA
How to get it
// Technical & organisational measures (TOMs)
How we actually protect your data.
Encryption
Access control
Logging & monitoring
Backup & recovery
// Incident response · vulnerability disclosure
When something goes wrong.
Incident response (we get hit)
Vulnerability disclosure (you find one)
Need something this page doesn't answer?
Email security team
Request DPA →