Security

Your privacy,
our priority.

We protect your data at enterprise level – through full sovereignty, EU hosting, and a thoughtful security architecture deeply embedded in Lurus.

GDPR-Compliant Security. From the Ground Up.

GDPR Compliant

Compliance with the European General Data Protection Regulation. All data processing adheres to GDPR Art. 5 – data minimization, purpose limitation, and storage limitation are consistently maintained.

No Model Training

Your data is never used to train AI models – contractually assured. Your inputs serve exclusively to answer your request and are not stored.

CLOUD Act Protection

As a German company with EU hosting, your data is protected from access by US authorities. No detour through the USA, no access under the CLOUD Act – technically and legally excluded.

Encryption

TLS 1.3 for transmission, AES-256 for stored data and access tokens. All data is encrypted – both in transit and at rest.

Hosted in Europe. No Compromises.

Your data never leaves the EU. All servers are located exclusively in European data centers – with German and European hosting providers.

Hetzner

Germany

German data center for core infrastructure.

IONOS

Germany

German hosting for web infrastructure.

OVH

EU (France)

European cloud hosting for redundancy.

All hosting providers are subject exclusively to European data protection law.

Local Storage

For maximum data sovereignty: Store chat histories exclusively on your device.

Privacy by design

With local storage enabled, Lurus does not store any chat data persistently. We only get temporary access to your chat data to process your request and then delete it again.

IndexedDB Storage

Robust browser database unaffected by cache clearing. Large amounts of data directly in the browser – fast, reliable, and without server communication.

Device-Level Encryption

All locally stored data is encrypted with AES-GCM. The key is securely delivered to your device – encryption and decryption happen exclusively on your device.

Export & Portability

Export your data at any time as a structured JSON format. Full portability and control over your data.

Learn more about local storage

Certifications & Compliance

GDPR-compliant with hosting in ISO 27001-certified data centers. Built for businesses with high demands on data protection and information security.

GDPR

GDPR Compliant

Compliance with the European General Data Protection Regulation. Data processing exclusively within the EU.

ISO 27001

ISO 27001-Certified Data Centers

Your data is hosted exclusively in ISO 27001-certified data centers – verified information security at a high level.

SOC 2 Type II

SOC 2 Type II

Our infrastructure is aligned with SOC 2 requirements for security, availability, and confidentiality.

CASA

CASA Certification

Cloud Application Security Assessment is an independent review of application security.

Legal Documents

View Privacy Policy

View Terms and Conditions

Frequently Asked Questions

Ready for secure AI?

Start today with Lurus and protect your business data with strong security standards.

Start for free Contact us

No credit card required

Security in every feature

Local Storage

Maximum data sovereignty
Audit Logs

Complete activity logging
Team Management

Roles & permissions
AI Chat

Multi-agent architecture