LiveAresGen is live — 65+ models, brand voice, and multilingual content in one workspaceStart free
Sign up

Security

Security at every layer.

Independent audits, encryption by default, and explicit data residency. Built so your security team can sleep.

Trust overview

  • GDPR-aligned
  • DPA on request
  • EU-hosted
  • TLS 1.3
  • AES-256 at rest
  • No training on your data

Security pillars

Encryption

AES-256 at rest, TLS 1.3 in transit, customer-managed keys on Enterprise.

  • AES-256 at rest
  • TLS 1.3 in transit
  • Customer-managed keys (KMS)
  • Per-tenant key isolation

Access

SSO/SAML, SCIM provisioning, role-based access, session MFA.

  • SAML 2.0
  • SCIM 2.0
  • RBAC + ABAC
  • Session-bound MFA
  • IP allowlists

Data residency

All tenant data stays on EU infrastructure (Hetzner). No third-region replication.

  • EU-hosted (Hetzner)
  • Single-region by default
  • Audit-logged configuration changes

Sub-processors

A current list with purpose, region, and DPA links. Updated quarterly.

  • Updated quarterly
  • Notification on additions
  • DPA on every vendor

Data flow

  1. 01

    Client

    Browser or API consumer over TLS 1.3.

  2. 02

    Edge

    Cloudflare WAF + bot management + DDoS shield.

  3. 03

    API

    Authenticated, rate-limited, signed requests.

  4. 04

    Core

    Tenant-isolated workers, encrypted volumes.

  5. 05

    Storage

    AES-256 + per-tenant keys, region-pinned.

Sub-processors

VendorPurposeRegionDPA
Hetzner Online GmbHInfrastructure hosting (compute, storage)EU (Germany)View
Cloudflare, Inc.Edge proxy, DNS, WAFGlobal edgeView
OpenAI, L.L.C.LLM inference (opt-in)USView
Anthropic PBCLLM inference (opt-in)USView

Compliance documents

PDF

Standard DPA

Pre-signed Data Processing Agreement, GDPR Article 28.

420 KBUpdated Mar 2026

Read more in the docs.

Or talk to sales for tailored compliance materials.

Read the docsTalk to sales