Security & GDPR
DT Master is designed with European sovereignty and GDPR compliance as founding principles.
Hosting
- Infrastructure: Microsoft Azure, France Central region (Paris)
- Customer data: never leaves the European Union
- AI models: routing prioritizes AWS Bedrock EU and Azure OpenAI EU for sensitive data
GDPR compliance
- Data controller: DT Master Carbon
- Legal bases: contract performance (user account), legitimate interest (product improvement), consent (analytics cookies)
- Retention: 3 years after the end of the contractual relationship, except for specific legal obligations
- Rights: access, rectification, erasure, portability, objection — exercisable by email to the DPO
Technical security
- TLS 1.3 encryption on all connections
- Authentication via Google OAuth only (zero password storage)
- Full audit log of every mutation on user accounts
- Encrypted daily backups
Privacy policy
The full privacy policy is available on the platform under Legal.
For any data-protection question: dpo@dtmaster.co