Trust is a feature.

GDPR-compliant. EU-hosted. EU AI Act-compliant. And you decide who touches your data.

Entradigm is built for the EU market: GDPR rights (account deletion in the app, access and portability on request), EU AI Act Art. 50 labelling on every AI-generated surface, a viewable sub-processor register, EU hosting and passwordless sign-in with mandatory two-factor authentication. Here's what that means in detail.

GDPR rights

Your data, your rights.

The core data-subject rights under GDPR are covered: you trigger the deletion of your account yourself in the app (Settings → Account); access and portability we grant on request via Contact.

Art. 15 — Access

Data access

On request via Contact you receive a structured copy of all data we hold for your tenant.

Art. 17 — Erasure

Account deletion

You trigger the deletion of your account and your data yourself in the app (Settings → Account). We cascade the deletion across the involved sub-processors.

Art. 20 — Portability

Data portability

On request via Contact you receive your data in a machine-readable format — for migrating to another provider.

EU AI Act — Article 50

AI-generated content is labelled.

The EU AI Act (Art. 50) requires that AI-generated or AI-substantially-assisted content be labelled as such. Entradigm is built so that every approved cycle carries a disclosure — the exact wording is configurable per tenant, but the presence of the label cannot be switched off. That's a regulatory floor and an architectural guarantee.

Sub-processors

Who touches your data — visible, not hidden.

The full, always-current sub-processor register lives in the app under Settings → Privacy → Sub-processors — that's where you see which third party touches what, and in which region. The overview below mirrors that in-app register exactly; it invents nothing.

Infrastructure

Cloudflare

Workers runtime + R2 storage + DNS. EU region available.

Data & auth

Supabase

Database + authentication. EU region available.

LLM

Anthropic

BYO-LLM is the model: you bring your own provider. During the free beta, Entradigm conveniently uses a ByKA-managed Anthropic key; per-cycle BYO-LLM follows in Q3 2026. EU endpoint available.

Web research

Exa

Web research (US-based; opt-in).

Social publishing

Social publishing provider

Your posting provider connects Entradigm to your social accounts (BYO model). Current support and jurisdiction depend on your choice.

Optional (BYO)

OpenAI

Only if you choose BYO OpenAI for AI or TTS.

Every sub-processor carries an SCC reference (Standard Contractual Clauses); most offer EU regions. In the app you approve every sub-processor explicitly.

Encryption & hosting

EU-hosted, encrypted, passwordless.

EU hosting

EU jurisdiction first

Cloudflare Workers (EU region available) + Supabase EU region for the database. Choose an EU LLM endpoint and your content never leaves EU jurisdiction.

Encryption

In-transit & at-rest

All in-transit traffic runs over TLS 1.3. Secrets — BYO keys and tokens — are encrypted at rest in Supabase Vault; never shown back, never logged.

Sign-in

Passwordless + MFA

Sign-in via a one-time magic link plus a mandatory authenticator app (TOTP) as the second factor, with recovery codes. There's no password that could leak.

Secret handling

Presence only, never values

A pre-tool tripwire blocks any command that would write a secret value to logs or stdout. Logs only ever say "present / not present".

Legal

The documents in full.

You can find the full legal documents here: