Your data stays in the EU
Sefid's EU edition is hosted in Finland and built GDPR-first: minimal collection, strong isolation, and full user control.
Hosted in Finland - data stays in the EU
The EU edition of Sefid runs on servers located in Finland. Your account data, your knowledge, and your customers' conversations are stored and processed inside the European Union and stay in the EU.
Encryption in transit
All traffic - the panel, the API, and the chat widget on your website - is encrypted with HTTPS/TLS. There are no unencrypted endpoints.
Two-factor authentication
Administrative and staff access to Sefid is protected with two-factor authentication, and user sessions use short-lived tokens that are rotated automatically.
Minimal data, hashed IPs
We collect only what the service needs. Visitors' IP addresses are hashed (HMAC) before storage and are used solely for abuse prevention and rate limiting. Device information is kept only in general form. No advertising trackers, ever.
Tenant isolation
Every business on Sefid is logically isolated. One customer can never read another customer's knowledge, conversations, or settings.
Your GDPR rights, built in
Access, correction, deletion, and data portability are part of the product. You can exercise these rights from the panel or by writing to support@sefid.dev.
We keep the list of third parties that process data on our behalf as short as possible. Each one receives only the minimum data needed for its task and may not use it for anything else.
Hetzner Online GmbH
Cloud infrastructure - servers located in Finland (EU)
Data involved: All hosted service data
AI model providers (via OpenRouter)
Generating the agent's replies
Data involved: Only the minimum conversation context needed to answer; not used for training by contract
Security questions, disclosure reports, and data-protection requests are all welcome at support@sefid.dev. For details on what we collect and why, see the Privacy notice.