How we handle your data: honest, verifiable, without marketing language.
We're transparent about where your data is. Some services run outside the EU. We're actively exploring EU alternatives for these services.
EU 🇪🇺 (ISO 27001 certified)
All transaction data, documents, user accounts
Anthropic Claude API, United States
Temporary document processing for field extraction. Anthropic retains data for up to 7 days.
SendGrid (Twilio), likely United States, actively exploring EU alternative
Transactional emails (magic links, invitations, status updates)
Cloudflare, global edge network
HTTP traffic routing, DDoS protection (routing data only)
HTTPS (TLS 1.3) on every connection. No connection without encryption.
Documents are stored encrypted on European servers. AES-256.
Each party only sees what belongs to their role. The selling agent does not see the buyer's documents.
Every action is logged: who, what, when. Available for audit purposes.
This site uses one cookie: NEXT_LOCALE. It remembers your language choice so you return in the right language. The cookie only contains the text 'nl', 'en' or 'es'. This cookie is functional (remembering language preference) and falls under the GDPR exception that does not require explicit consent.
We use no tracking cookies. No Google Analytics, no Facebook Pixel, no marketing cookies. If we add any in the future, we'll tell you first and ask explicit consent.
We're honest about our maturity. This is what's on our roadmap for the coming months:
For pilot customers we're available daily for security questions.