ownify.privacy

Data controller in the sense of the GDPR:

DSNCON GmbH
Kloetzlmuellerstrasse 43
84034 Landshut, Germany
Phone: +49 871 20662010
Email: info@dsncon.com

ownify is a SaaS platform that provisions AI agents for each customer. To operate it we process:

• Account data (email, name, optional VAT ID) for identity + billing.
• Agent data (conversations, uploaded documents, configuration) stored in your isolated Kubernetes pod.
• Payment data (card, address) — handled by Stripe; we never store card numbers.
• Service metadata (access logs, token-usage metering) to provide and bill the service.
• Cookieless page-view analytics (Umami) — collected for every visitor under the TDDDG § 25 (2) web-statistics exception. See section 10.
• Advertising data (Google Ads conversions, remarketing) — only if you consent via the cookie banner. See section 10.

Legal bases under GDPR Art. 6(1): (b) performance of the service contract, (f) legitimate interest in operating the service securely, (a) consent where explicitly requested, (c) compliance with legal obligations (tax, accounting).

ownify's application and tenant storage run on Kubernetes in the European Union, provided by:

• OVH SAS (France / Germany). Managed Kubernetes + object storage. Data processing agreement in place under GDPR Art. 28.

All connections to ownify are encrypted via TLS. Data at rest on OVH is encrypted.

Authentication is handled by an instance of Zitadel operated by DSNCON GmbH on its own infrastructure in the European Union. Personal data handled: email, name (if you provide it), session tokens, email-verification state. Processing based on Art. 6(1)(b) GDPR.

Payment processing is provided by Stripe Payments Europe Ltd. (Ireland) and Stripe, Inc. (USA). Stripe handles card details — ownify never sees or stores your card number. For VAT calculation we use Stripe Tax.

Transfers to Stripe Inc. (USA) are covered by the EU–US Data Privacy Framework and Stripe's standard contractual clauses. See stripe.com/privacy.

LLM inference requests from your agents are proxied to Fireworks AI, Inc. (USA) via ownify's internal LiteLLM proxy. Fireworks processes the prompts and generations under their Zero Data Retention policy — prompts and generations are not logged or stored, not used for training, and are not retained after the request completes.

Transfers to the USA are covered by standard contractual clauses and Fireworks' published privacy policy. See fireworks.ai/privacy-policy.

Token-count metadata for each request (prompt tokens, completion tokens, model, timestamp) is stored by ownify for billing and usage analytics. This metadata does not contain your prompt or response contents.

MolTrust registration is owner-initiated, not automatic. When you click Register with MolTrust on an agent’s Trust tab, ownify registers a decentralized identifier (DID) on your behalf with the MolTrust registry operated by CryptoKRI GmbH (Switzerland). The registration contains: an agent-specific name, the platform identifier "ownify", a ownify-controlled contact email of the form <your-local-part>+ownify-<slug>@<your-domain> (so each agent has its own MolTrust account independent of your personal MolTrust relationship, if any), and a public Ed25519 key. If you don’t activate MolTrust, no data leaves ownify’s EU infrastructure for the trust layer.

A cryptographic hash of the registration credential is anchored on the Base L2 public blockchain. This hash cannot be used to derive personal data but is publicly readable. Raw credentials stay in ownify's and MolTrust's databases.

ownify does not resell MolTrust services. ownify is a channel: each tenant's DID and MolTrust API key are provisioned on your behalf as a separate MolTrust account, and you may upgrade your trust tier (higher API quota, EU AI Act / IMDA compliance packs, custom AAE templates, SLA commitments) directly with MolTrust. This keeps the sub-processor relationship transparent and avoids a silent resale layer.

Switzerland is recognized by the EU Commission as a country with an adequate level of data protection. See moltrust.ch.

ownify runs an in-cluster instance of Langfuse for internal observability (error tracking, latency metrics). This data stays within ownify's EU infrastructure and is not shared with any third party.

Our hosting provider automatically collects and stores information in server log files that your browser transmits (browser type and version, operating system, referrer URL, hostname, time of access, IP address). This data is not merged with other data sources. The collection is based on Art. 6(1)(f) GDPR (legitimate interest in secure, efficient service operation). Log files are retained for up to 14 days.

ownify uses three categories of cookies/tracking. Two are always on because they either operate the service or rely on a narrow legal exception that does not require consent; the third is strictly optional and governed by our consent banner ("Cookie settings" in the footer).

• Strictly necessary (always on) — session cookies for your authenticated Zitadel session + CSRF protection. Exempt from consent under § 25 (2) TDDDG. Legal basis: Art. 6(1)(f) GDPR (legitimate interest in secure authentication).
• Cookieless analytics — Umami (always on, no consent required) — first-party, cookieless page-view counts collected by our own Umami instance at analytics.dsncon.com, operated by DSNCON GmbH in the EU. Umami does not set cookies, does not use any persistent device identifier, hashes the visitor IP with a daily-rotating salt, and does not share data with third parties. Under § 25 (2) TDDDG this qualifies as a "strictly necessary web statistics" measurement that is exempt from consent (analogous to GDPR Recital 49). Data is retained for up to 12 months. Legal basis: Art. 6(1)(f) GDPR (legitimate interest in measuring site performance and usage).
• Advertising — Google Ads (optional, opt-in) — conversion tracking and remarketing pixels provided by Google Ireland Ltd. / Google LLC(USA). When granted, this loads googletagmanager.com/gtag/js and sets cookies such as _gcl_au, IDE, and related identifiers. These enable measuring the effectiveness of our Google Ads campaigns and showing ownify ads to people who visited our site. Data is transferred to Google in the USA and processed under the EU–US Data Privacy Framework and Google's standard contractual clauses. See Google's privacy policy. Legal basis: Art. 6(1)(a) GDPR (your consent), § 25 (1) TDDDG.

For advertising we implement Google Consent Mode v2: until you give consent, Google tags load in "denied" mode and no personal identifiers are sent. You can withdraw consent at any time by clicking "Cookie settings" in the footer — the tags will be removed from the page. Umami runs independently of this toggle because it never sets cookies and never reaches a third party.

Under GDPR you have the right to:

• Access the data we hold about you (Art. 15)
• Rectify inaccurate data (Art. 16)
• Request erasure of your data (Art. 17)
• Request restriction of processing (Art. 18)
• Data portability in a machine-readable format (Art. 20)
• Object to processing based on legitimate interest (Art. 21)
• Withdraw consent at any time, without affecting the lawfulness of prior processing (Art. 7)
• Lodge a complaint with the competent supervisory authority

To exercise any of these rights, email info@dsncon.com. We will respond within 30 days.

We retain personal data only as long as necessary for the purposes listed above or as required by law (in particular tax and accounting retention of up to 10 years under HGB § 257 and AO § 147). When you delete your account, tenant data (conversations, documents, agent memory) is deleted from our Kubernetes cluster within 30 days. The agent's registration credential + blockchain anchor remain because the blockchain record is immutable; no personal data is derivable from the on-chain hash.

Where ownify transfers personal data outside the EU/EEA (currently: Stripe, Fireworks AI, and — if you consent to advertising cookies — Google LLC, all in the United States), transfers are covered by the EU–US Data Privacy Framework and/or the European Commission's Standard Contractual Clauses. See the respective sections above for links to each processor's published policy.

We may update this policy when we change processors or introduce new features. Material changes will be communicated by email at least 30 days in advance. The current version is always accessible at ownify.ai/privacy.