Kasimir Docs DEEN To the app →

Privacy & EU Hosting

How Kasimir delivers GDPR compliance, EU hosting and data sovereignty — from self-hosted models to the non-EU gate and cookie consent.

Kasimir was built from the ground up for the German mid-market: GDPR-compliant, with clear data sovereignty and a default mode of operation in which your content never leaves the EU. This page explains where your data is processed, how to tell which AI model writes data where, how administrators control access, and which legal building blocks (DPA, cookie consent, privacy policy) are wired into the product.

The sovereignty principle in brief

Kasimir assigns every AI model to exactly one of three "sovereignty tiers". This classification governs whether data leaves the EU — and it is surfaced everywhere in the product.

Tier

Meaning

Where processed

Data leaves EU?

selfHosted

Runs on Kasimir's own servers — the most sovereign option, the default

EU (Hetzner, Germany)

No

euCloud

EU region, but via a third-party processor

EU (Azure AI Foundry / Microsoft)

No

nonEu

Processed outside the EU — only available after opt-in

Outside the EU (e.g. xAI/US, DeepSeek/China)

Yes

ℹ️

The default is maximum sovereignty. The pre-selected chat model (Gemma) is self-hosted and runs exclusively on the EU infrastructure in Germany. Non-EU models are technically disabled until an administrator explicitly enables them.

Where your data lives

The core of Kasimir is self-operated on servers in Germany (Hetzner, Falkenstein). It holds:

  • Database, login and sessions — self-hosted Supabase (api.kasimir.ai)

  • File storage — uploaded documents, chat attachments and audio recordings

  • AI routing — the LiteLLM proxy through which every chat and embedding request flows

  • Vector embeddingsBAAI/bge-m3, also self-hosted

  • Audio transcriptionfaster-whisper for the voice and meeting features

  • Web search — a self-operated SearXNG instance (no requests to US search services)

A few features use external processors under standard contractual clauses: Cloudflare (CDN, DDoS protection, TLS, bot protection via Turnstile), SendGrid/Twilio (transactional email) and — only with consent — Google Analytics. The full list with legal bases is in the privacy policy at /privacy.

💡

All connections to Kasimir are TLS-encrypted (recognizable by the padlock icon and https:// in the address bar), at both the origin and the edge.

Spotting the sovereignty tier in chat

You don't need any provider knowledge — Kasimir shows the data-processing location right on the model.

In the model picker

When you open the model picker in the chat composer, every model carries a badge:

  • A green EU badge for self-hosted and EU-cloud models

  • An amber Non-EU badge for models that process data outside the EU

Hovering a model opens a detail panel with provider, context window, vision support and a Data processing section. It states in plain language where the data ends up:

  • Processed on Kasimir's own servers in the EU (shield icon, green)

  • Processed in the EU · Azure AI Foundry (Microsoft) (EU globe icon, blue)

  • Processed outside the EU – data leaves the EU (warning triangle, amber)

Schreiben Sie eine Nachricht … Gemma 4 MODELL WÄHLEN Gemma 4 EU Mistral Large 3 EU Teuken 8B EU Grok 4.3 NICHT-EU Claude Sonnet NICHT-EU MISTRAL AI Mistral Large 3 EU Kontext 128k Tokens Bildverständnis Ja Geschwindigkeit Schnell DATENVERARBEITUNG EU-Verarbeitung Auf Kasimir-eigenen Servern in der EU verarbeitet
The model picker with EU/Non-EU badges and the data-processing detail.

In the composer hint

If you've selected a model that isn't self-hosted, the composer also shows a hint:

  • For EU-cloud models: Processed in the EU via Azure Foundry (Microsoft)

  • For non-EU models (warning tone): Note: processed outside the EU – data leaves the EU

For the default (self-hosted) model no hint appears by design — everything is sovereign here.

Non-EU models: per-company opt-in

Stronger international models (e.g. xAI's Grok or DeepSeek) can be useful, but they process data outside the EU. That's why in Kasimir they are hidden entirely by default and must be enabled per company.

How to enable them (administrators only)

  1. Open AdministrationChat settings.

  2. Tick the Allow non-EU models checkbox.

  3. Save.

The hint text makes the consequence unambiguous: "Enables stronger models hosted outside the EU (e.g. Grok/xAI US, DeepSeek China). Chat data then leaves the EU — not GDPR-sovereign. Off by default."

Administration Chat Chat-Einstellungen Standardverhalten für neue Unterhaltungen in dieser Organisation Standard-Modell Gemma 4 (EU-gehostet) EU Web-Suche standardmäßig aktiviert Datei-Upload erlauben Nicht-EU-Modelle erlauben Erlaubt stärkere Modelle außerhalb der EU (z. B. Grok/xAI USA, DeepSeek China). Dabei verlassen Chat-Daten die EU — nicht DSGVO-souverän. Standardmäßig aus. Speichern Abbrechen
The non-EU models opt-in toggle in Chat settings.
⚠️

While this option is off, non-EU models appear neither in the picker nor can they be reached via the API. The lock is double-enforced: the picker hides the models, and the server rejects any hand-crafted request to a non-EU model with a 403 error. There is no way for a regular user to bypass the gate.

What enabling changes

With Allow non-EU models on, the enabled models appear in the picker for all employees — each carrying the Non-EU badge and the composer warning hint. The individual user then makes a conscious choice to use such a model for a given conversation. Self-hosted and EU-cloud models remain available at all times and stay the default.

Data Processing Agreement (DPA)

For production use with real personal data you enter into a Data Processing Agreement (DPA) with Kasimir under Art. 28 GDPR. It is built right into the product.

  1. Open AdministrationDPA.

  2. The agreement is pre-filled with your company details and fully readable.

  3. Use Download as HTML to keep a copy for your records.

  4. To execute it, tick the confirmation statement and click Accept DPA now.

After acceptance the page shows status Signed with the name, email, timestamp and version number of the signing person.

ℹ️

Only the owner of the company account can accept the DPA — all other administrators can read the agreement but, instead of the button, see a note that only the owner may sign. Until acceptance, the page states that signing is required before production use with real personal data.

Kasimir sets only the bare minimum without consent and loads everything else only after your active opt-in — in line with the TTDSG and GDPR.

Category

Contents

Consent required?

Necessary

Login session, language preference, dark mode

No (always on)

Statistics

Google Analytics — pseudonymous reach measurement

Yes

Marketing

no tools active at this time

Yes

How the banner works

On your first visit the banner We respect your privacy appears with three equally prominent options: Accept all, Reject and Settings. Settings opens the per-category toggles — and the non-necessary ones are not pre-ticked.

Kasimir Wir respektieren deine Privatsphäre We respect your privacy Wir verwenden technisch notwendige Cookies, damit die Plattform funktioniert. Optional nutzen wir Google Analytics, um die Nutzung zu verstehen und Kasimir zu verbessern. Du entscheidest selbst. Datenschutzerklärung · Impressum Einstellungen Ablehnen Alle akzeptieren
The cookie banner with equally prominent accept and reject.
💡

Google Analytics is only ever loaded after you consent — before that no data is sent to Google and no _ga cookie is set. If you later withdraw consent via Cookie settings, the analytics cookies are deleted immediately.

Your decision is stored in a first-party cookie (kasimir_consent) and lasts about six months. You can reopen and change it at any time via the Cookie settings link (e.g. in the footer).

Your rights and further information

The full privacy policy at /privacy lists all processing activities, legal bases, processors, retention periods and your data-subject rights (access, rectification, erasure, portability, objection, complaint) under the GDPR. You can also delete your chat content and generated texts yourself at any time. For privacy requests contact support@kasimir.ai; the controller is Viedev GmbH.