"The leading AI platform"
innoGPT is a German multi-model AI platform for private users, teams, and companies. Officially, it combines language models, image generation, voice integration, file/document work, a prompt library, projects, Code Interpreter, web search, academic search, Deep Research, assistants, integrations, and an API in one interface. It also includes team features, desktop apps, and a clear data protection/compliance focus with EU hosting, DPA, and Trust Center.
InnoGPT
All AI models. One tool. Permanent updates. Fully GDPR-compliant
Location: Germany ⓘ Inno KI GmbH, Osloer Str. 6, 49377 Vechta, Germany
Business According to the OMR profile for companies with all functions, all models, no limits, up to 1000 users, as well as SSO/SCIM/SAML. Other Enterprise Custom offer for large organizations; according to the OMR profile for 1000+ users, on-premise possible and individual support.
Shared-/Family models A shared-access/family model with EU hosting was mentioned publicly; specific functional details should be checked directly with the provider.
Target audience
innoGPT is aimed at three clearly identifiable segments: private users, solo self-employed professionals, and companies. The pricing structure explicitly distinguishes between private use and teams/companies; at the same time, Business and Enterprise features show that the platform is particularly well suited for SMEs, growing organizations, and larger companies with data protection, governance, or integration requirements. Official examples on the homepage include sales, HR, administration, assistance, law firms, and project management.
Outstanding features
What stands out most is the combination of multi-model access, tool layer, and compliance layer. innoGPT brings together language models, image generation, code interpreter, web search, academic search, deep research, files, projects, prompt library, assistants, meeting minutes, integrations, and API functions in a single interface. Particularly relevant for companies are model-dependent hosting control, team features, desktop apps, the Trust Center, and the Enterprise option for on-premise.
Main areas of application
The official examples cover writing and email communication, document analysis, customer inquiries, custom AI assistants, meeting minutes, knowledge work with files, web and source research, academic research, image generation, and workflow-related integrations. Through its integration and API layer, innoGPT also positions itself as a platform for automations and embedded AI workflows, not just as a standalone chatbot.
Usage & notes
According to the Help Center, usage is classically chat-based: enter a message, optionally select tools, attach files or images, use voice input, and export responses as PDF if needed. Important for buyers: not every feature is equally mature or equally available; the API officially runs as beta, Outlook integration as well, and MCP integration is still marked as “Coming Soon” in the integrations section. From a data protection perspective, it is also relevant that admins must consciously configure the model/hosting options, because not every available model is processed exclusively within the EU.
| Target audience | Assessment |
|---|---|
| SMEs / Teams | Very suitable – for secure access to multiple AI models, team use, and company-wide AI adoption. |
| Privacy-conscious EU companies | Very suitable – due to EU/Germany hosting, DPA, zero training, and ISO 27001 reference. |
| Large enterprises | Suitable – Enterprise with many users, SSO/SCIM/SAML, and possible on-premise option according to the OMR profile. |
| Self-employed / private individuals | Suitable – Personal plan according to the public OMR profile for private or individual use. |
| Regulated industries | Suitable to very suitable – if DPA, deletion periods, role permissions, and models are contractually reviewed. |
| Developers / API teams | Conditionally suitable – InnoGPT is more of a secure AI work platform than a pure LLM API. |
Hosting & Data
1) On-prem / local hosting
Meaning: The company operates the solution on its own hardware or within its own infrastructure. In the strictest sense, not only the application runs locally, but ideally the model as well.
2) Private cloud / data center
Meaning: The solution runs in a dedicated or more clearly separated cloud environment, often with a hosting provider or hyperscaler, but in a German data center or in a particularly controlled environment.
3) EU SaaS / managed
Meaning: The provider operates the solution itself as a service. The company uses the tool as a ready-made cloud service, ideally with EU data residency.
4) Hybrid
Meaning: One part of the processing remains internal / local / in a private cloud, while another part runs in an external cloud or EU SaaS.
5) AVV / DPA
Meaning: This is the data processing agreement or Data Processing Addendum. It governs that the provider processes personal data on behalf of the customer and is bound by the customer's instructions.
6) No training
Meaning: The provider does not use your prompts, uploads, attachments, chat histories, or outputs for training or improving the general model — ideally excluded by contract.
7) Open-source / transparency path
Meaning: There is a path toward greater technical transparency and sovereignty, for example through:
- open models
- documented components
- self-hostable parts
- traceable architecture
- export / switching options
| On-prem / local hosting | ❓ |
| Private cloud / data center | ⚠️ |
| EU SaaS / Managed | ✅ |
| Hybrid | ⚠️ |
| DPA / AVV | ✅ |
| No training on customer data | ✅ |
| Open source / transparency path | ❓ |
On-premises / local hosting: unclear
The website does not specify an on-premises, self-hosting, or local deployment option on the customer’s own hardware.
Private Cloud / Data Center: Partially
The website confirms that the platform and core data are hosted in the EU/Germany in Frankfurt am Main by certified providers, with logically separated workspaces via row-level security. However, the website does not explicitly mention a dedicated private cloud or single-tenant deployment.
EU SaaS / Managed: Covered
The website describes innoGPT as a managed cloud service hosted in the EU, specifically in Frankfurt am Main, Germany. For the core infrastructure, it specifies exclusive hosting in Frankfurt.
Hybrid: Partially
The Help Center describes a hybrid strategy for file/RAG operations: a proprietary RAG system on servers in Frankfurt plus, where applicable, the native RAG of the selected AI model. Additionally, there are model hosting tiers with EU and global processing. However, the website does not specify a classic customer hybrid model with in-house operation.
DPA: Covered
The security page explicitly mentions a Data Processing Agreement (DPA) pursuant to Art. 28 of the GDPR, which can be concluded directly within the account with just a few clicks. The Trust Center also lists a “Data Processing Agreement.pdf.”
No Training: Covered
The website mentions a “Zero-Training Guarantee” or “Zero-Retention Policy” and explains that neither innoGPT nor its technology partners use inputs or results for training AI models. The Help Center further describes this as contractually guaranteed.
Open Source / Transparency Path: Indirect / Not Available
The website does not specify an open-source, self-hosting, or source-code transparency path. The only positive aspect is a certain level of transparency regarding data flow, subprocessors, and model hosting stages; however, there are no documented open-source components serving as a path to data sovereignty.
Data Processing
According to the website, the core platform runs in Frankfurt am Main. Inputs are transmitted in encrypted form to the application server in Frankfurt, where they are enriched and forwarded to the selected AI model. For files, the website describes a dedicated RAG system in Frankfurt; in parallel, the native file processing of suitable models can also be used. According to the website, chats are stored and automatically deleted after 180 days of inactivity. According to the Help Center, the geographic location of processing for the model depends on the selected hosting tier for that model.
Conclusion
For EU/EEA users, innoGPT is generally well documented based on the website: EU/Germany hosting of the core infrastructure, AVV, Trust Center, subprocessors, zero-training, and ISO 27001 are clearly specified. The strongest GDPR compliance position is achieved when using the documented EU hosting and EU processing options. However, on-premises/self-hosting and a true open-source path are not documented. Since the website also mentions models with global processing, the specific model configuration within the company should be carefully managed.
Sources
- https://www.innogpt.de/datenschutz-sicherheit
- https://www.innogpt.de/datenschutz
- https://trust.innogpt.de/
- https://docs.innogpt.de/de/articles/7625364-unsere-datenschutz-garantie
- https://docs.innogpt.de/de/articles/7168320-der-datenfluss-erklart
- https://docs.innogpt.de/en/help/articles/2895282-zero-retention-policy
| On-prem / local hosting | ❓ |
| Private cloud / data center | ⚠️ |
| EU SaaS / Managed | ✅ |
| Hybrid | ⚠️ |
| DPA / AVV | ✅ |
| No training on customer data | ✅ |
| Open source / transparency path | ❓ |
On-premises / local hosting: unclear
The website does not specify an on-premises, self-hosting, or local deployment option on the customer’s own hardware.
Private Cloud / Data Center: Partially
The website confirms that the platform and core data are hosted in the EU/Germany in Frankfurt am Main by certified providers, with logically separated workspaces via row-level security. However, the website does not explicitly mention a dedicated private cloud or single-tenant deployment.
EU SaaS / Managed: Covered
The website describes innoGPT as a managed cloud service hosted in the EU, specifically in Frankfurt am Main, Germany. For the core infrastructure, it specifies exclusive hosting in Frankfurt.
Hybrid: Partially
The Help Center describes a hybrid strategy for file/RAG operations: a proprietary RAG system on servers in Frankfurt plus, where applicable, the native RAG of the selected AI model. Additionally, there are model hosting tiers with EU and global processing. However, the website does not specify a classic customer hybrid model with in-house operation.
DPA: Covered
The security page explicitly mentions a Data Processing Agreement (DPA) pursuant to Art. 28 of the GDPR, which can be concluded directly within the account with just a few clicks. The Trust Center also lists a “Data Processing Agreement.pdf.”
No Training: Covered
The website mentions a “Zero-Training Guarantee” or “Zero-Retention Policy” and explains that neither innoGPT nor its technology partners use inputs or results for training AI models. The Help Center further describes this as contractually guaranteed.
Open Source / Transparency Path: Indirect / Not Available
The website does not specify an open-source, self-hosting, or source-code transparency path. The only positive aspect is a certain level of transparency regarding data flow, subprocessors, and model hosting stages; however, there are no documented open-source components serving as a path to data sovereignty.
Data Processing
According to the website, the core platform runs in Frankfurt am Main. Inputs are transmitted in encrypted form to the application server in Frankfurt, where they are enriched and forwarded to the selected AI model. For files, the website describes a dedicated RAG system in Frankfurt; in parallel, the native file processing of suitable models can also be used. According to the website, chats are stored and automatically deleted after 180 days of inactivity. According to the Help Center, the geographic location of processing for the model depends on the selected hosting tier for that model.
Conclusion
For EU/EEA users, innoGPT is generally well documented based on the website: EU/Germany hosting of the core infrastructure, AVV, Trust Center, subprocessors, zero-training, and ISO 27001 are clearly specified. The strongest GDPR compliance position is achieved when using the documented EU hosting and EU processing options. However, on-premises/self-hosting and a true open-source path are not documented. Since the website also mentions models with global processing, the specific model configuration within the company should be carefully managed.
Sources
- https://www.innogpt.de/datenschutz-sicherheit
- https://www.innogpt.de/datenschutz
- https://trust.innogpt.de/
- https://docs.innogpt.de/de/articles/7625364-unsere-datenschutz-garantie
- https://docs.innogpt.de/de/articles/7168320-der-datenfluss-erklart
- https://docs.innogpt.de/en/help/articles/2895282-zero-retention-policy
Strengths & weaknesses at a glance
| Strengths | Weaknesses |
|---|---|
| • Broad range of functions in one interface: chat, files, code, web, research, images, assistants. | • No permanent free version, only a trial period. |
| • Clear B2B/team orientation with collaboration, SSO/SCIM/SAML, and enterprise options. | • Some advanced features are in beta or coming soon, such as API (beta), Outlook integration (Beta), Agents (soon), and MCP server integration in the integrations section marked “Coming Soon”. |
| • Strong compliance focus with a German company, EU hosting, DPA, Trust Center, and a no-training promise. | • On-premise/self-hosting is clearly positioned in the Enterprise context. |
| • Good workflow integration via integrations, Outlook beta, cloud storage, API, and an on-premise option in the enterprise context. | • For the platform as a whole, the following is important: depending on the model, global processing or global hosting may also be possible; this must be actively managed administratively. |
Reviews
0 reviews in total
There are no confirmed reviews for this tool yet.
Submit review
Your review will only become visible after email confirmation. This protects the portal against abuse.
Report review
Please select the reason why this review should be checked.
GDPR-compliant usage possible?
The website clearly emphasizes compliance with the GDPR for the European market: innoGPT describes EU hosting—specifically servers in Frankfurt am Main—a directly executable data processing agreement (DPA) in accordance with Article 28 of the GDPR, a zero-training/zero-retention policy, automatic deletion schedules, and a Trust Center featuring subprocessors and compliance documents. Additionally, according to the Help Center, admin settings are available for different model hosting levels, including “EU Hosting / EU Processing.” From an EU/EEA perspective, this provides a documented path to GDPR-compliant use.
Positive
Positive aspects include EU/Germany hosting for the core infrastructure, a data processing agreement (DPA) in accordance with Article 28 of the GDPR, documented subprocessors in the Trust Center, zero training as stated on the security page and in the Help Center, ISO/IEC 27001:2022 in the Trust Center, and a clearly described data flow with storage and deletion after 180 days. Additionally, the website lists hosting options for individual models, such as “EU Hosting / EU Processing,” which is relevant for EU/EEA users.
Negative
A limitation is that the website also states that not all models are processed exclusively within the EU: The Help Center mentions “EU Hosting / Global Processing” and “Global Hosting / Global Processing” as well. As a result, actual compliance in individual cases depends on the model selected and the admin settings. The website does not consistently provide comprehensive evidence to support a claim that, without exception, all processing for all models takes place exclusively within the EU/EEA.
Server Location
The website specifies servers in Frankfurt am Main, Germany, for core data and platform hosting, as well as hosting within the EU in general. According to the Help Center, three levels are listed for individual models: “EU Hosting / EU Processing,” “EU Hosting / Global Processing,” and “Global Hosting / Global Processing.”