Data retention policy
Candis stores customer data in accordance with contractual obligations and GDPR requirements. After contract termination, customers have six weeks to retrieve their data. After this period, Candis permanently deletes all stored content and documents. Extended storage can be arranged monthly upon request.
Data archiving and removal policy
Candis permanently deletes all stored customer content and documents after the customer-specified storage period ends or after six weeks from contract termination if no extension is requested. Deletion is done securely and completely as per GDPR Article 17 standards.
Data storage policy
Candis stores customer data on secure, server-based cloud infrastructure in Germany. Data is hosted with multiple data protection measures in compliance with GDPR standards. Candis uses external service providers for data processing, all bound by data processing agreements. Encryption and access controls protect data from unauthorized access.
Data center location(s)
Germany
App/service has sub-processors
no
App/service uses large language models (LLM)
yes
LLM model(s) used
Anthropic Claude Sonnet (via AWS Bedrock)
LLM retention settings
AWS Bedrock does not retain customer input or output data. No conversation data is stored by the LLM provider. Candis does not use customer data for model training or fine-tuning.
LLM data tenancy policy
Candis uses AWS Bedrock which processes data in isolated, single-tenant environments. No customer data is shared across tenants or used for model training.
LLM data residency policy
LLM inference runs on AWS Bedrock in the EU (Frankfurt) region. Customer data does not leave the EU during LLM processing.