Where is my data stored? (GDPR)

Wismify is built to be safe and GDPR-compliant by design. Under the GDPR, Wismify acts as a Data Processor (Art. 28): you are the Data Controller and decide what is processed; we process it on your instructions.

Where your data lives

  • Data is hosted in the European Union (Frankfurt, Germany).
  • Infrastructure runs on Supabase (AWS eu-central-1) and Hetzner in Germany.

How it is protected

  • Encryption in transit (TLS 1.3) and at rest (AES-256-GCM) for sensitive data.
  • Tenant isolation with row-level security — your data is never mixed with another customer’s.
  • Enforced MFA and least-privilege access for our team.
  • Daily encrypted backups and access audit logging.

Learn more: See our full Security & Privacy page, and request a DPA for the contractual details.