KIFOX - The Search Portal for AI Applications ?

Which AI tool is GDPR-compliant? Compare features, hosting, and data protection with real user reviews and an editorial score. Compare for free now.

Here, users can get an overview of which AI tools and LLMs are currently available on the market. Every user is free to submit a review and share their experience with AI applications, and can click a link to go directly to the provider’s website.

KIFOX is not an online store, but a comparison and information portal for AI applications.

ⓘ“A platform for all your company’s knowledge—search, assistant, agents.”

amber connects internal corporate systems and makes their content accessible via a central AI search. amberAI answers questions based on internal data and cites the sources used. amberAgents automates recurring, multi-step tasks and can trigger actions in other systems via interfaces.amber

A platform for all your company's knowledge – Search, Assistant, Agents

7.5/10 | Good

API Integration, Automation, Image generation, Chatbot, Data Analysis, Document analysis, AI agents, Research, Speech recognition, Text recognition, Text generation, Knowledge Base, Summary

Subscription SmartWebsite Basic Domain, SSL certificate, email accounts, limited website size, and AI website generator.

SmartWebsite Plus Basic features plus significantly more subpages, AI text generator and optimizer, AI SEO assistant, and marketingRadar.

SmartWebsite Pro Plus features, larger page quota, and rankingCoach for advanced search engine optimization.


Smart AI Phone Assistant Unlimited AI phone service with monthly cancellation option, featuring unlimited calls, call forwarding, appointment scheduling, and advanced API integration. Other AI Email Assistant Optional add-on for STRATO plans that include an email account; features drafts, summaries, replies, rephrasing, and translations.

WordPress Hosting with AI Setup WordPress hosting with AI-powered initial setup of websites and content.



SmartWebshop E-commerce packages with website/shop creation and integrated AI support for setup and content.

V-Server for LLM Hosting Virtual servers for independent operation of small and medium-sized open-source language models.

Dedicated Servers for LLM Hosting Dedicated hardware for larger models, custom AI services, agents, and controlled enterprise applications.

OpenClaw and n8n Hosting Server offerings for self-hosted AI agents and workflow automations.

Location: Germany amber Tech GmbH, Jülicher Straße 72a, 52070 Aachen, Germany

GDPR: Yes The website demonstrates, for the best available user experience, a generally clear alignment with the GDPR for EU/EEA users: amber describes itself as “EU data protection compliant,” mentions “Privacy by Design & Default,” incident reporting in accordance with GDPR Articles 33 and 34, DPA documentation, hosting in Germany, and the statement that interactions are not used to improve AI models without explicit consent. For the European region, Germany as a server location within the EU/EEA is a positive factor. Limitation: A complete list of subprocessors available on the website or publicly accessible detailed documentation regarding the AVV/DPA is not provided on the website; therefore, the assessment is based on the provider’s explicit product and security statements.
Positive
Confirmed positives include hosting and processing in Germany, T Cloud data centers in Germany with virtual network isolation per customer, ISO 27001 and other mentioned security standards, a reference to the AVV/DPA, Privacy by Design, deletion upon request, and an explicit opt-in for training rather than use without consent.
Negative
A negative or incomplete aspect is that the website does not provide a freely accessible list of subprocessors or links to fully publicly available AVV/DPA details. Likewise, there is no explicit description of EU data residency outside of Germany; Germany is primarily specified. On-premises/self-hosting of the amber product itself is not clearly offered on the website.
Server Location
The website states on multiple occasions that development and processing steps take place on servers in Germany and that the platform and index run in T Cloud data centers in Germany. In the context of the EU/EEA, Germany falls within the relevant legal jurisdiction.

– ★★★★★★★★★★ (0)

Link

Link

ⓘ"Your AI accelerator for every workflow, from the editor to the enterprise."

GitHub Copilot is an AI-powered coding assistant for IDE, GitHub.com, CLI, Mobile, and Windows Terminal. It offers code completion, chat, code review, agentic workflows, pull request summaries, MCP integration, and a cloud agent that can analyze repositories, make changes on branches, and prepare pull requests.

The product is clearly focused on software development and team workflows, not on general text or office applications.GitHub Copilot

Your AI accelerator for every workflow, from the editor to the enterprise

7.8/10 | Good

App Development, AI agents, Programming

Free GitHub Copilot Free Limited entry-level option for personal use; according to GitHub, includes up to 2,000 inline suggestions per month and limited premium requests. Not suitable for enterprise use.

GitHub Copilot Student For verified students; includes unlimited completions, Copilot Chat, additional models, and monthly premium requests. Subscription GitHub Copilot Pro For individual developers with unlimited IDE completions, Copilot Chat, additional models, and premium requests.

GitHub Copilot Pro+ Everything in Pro plus full access to available models in Copilot Chat, higher premium request limits, and priority access to advanced AI features.

GitHub Copilot Business For teams and organizations; includes Copilot Cloud Agent, centralized management, and Copilot policy control for organization members.

GitHub Copilot Enterprise For companies on GitHub Enterprise Cloud; includes everything in Copilot Business plus additional enterprise features and centralized assignment at the organization, user, and team level. Other GitHub AI Credits / usage-based billing Copilot plans include GitHub AI credits or quotas; for Business and Enterprise, credits are pooled per user at the billing unit level.

GitHub Enterprise Server Self-hosted GitHub platform for enterprises, on-premises or in a Virtual Private Cloud; important: according to GitHub, Copilot is currently not available for it.

Location: USA GitHub, Inc., 88 Colin P. Kelly Jr. St., San Francisco, CA 94107, United States. EU address according to the Privacy Statement: GitHub B.V., Prins Bernhardplein 200, Amsterdam 1097JB, The Netherlands.

GDPR: Partly For the European region, the conditions for GDPR-compliant use of GitHub Copilot have been documented. Positive aspects include the DPA/AVV that explicitly applies to GitHub Copilot, a documented EU data residency for GitHub Enterprise Cloud with Data Residency, and statements that, in cases of enforced data residency, code, prompts, and responses do not leave the region during inference. At the same time, standard usage is not consistently documented as being local to the EU; the list of subprocessors mentions several processing operations in the U.S., and individual model paths or functions have differing retention rules. Therefore, usage by EU/EEA users is not generally proven to be fully GDPR-compliant, but only with appropriate enterprise configurations and contractual frameworks.
Positive
GitHub documents that the GitHub DPA also applies to GitHub Copilot. For GitHub Enterprise Cloud with Data Residency, a Copilot policy is described that routes all Copilot requests to model endpoints within the specified region; supported regions are the U.S. and the European Union. GitHub also states that, when data residency is enforced, code, prompts, and Copilot responses do not leave the region during inference, and that Copilot-related logs and telemetry are stored in region-compliant storage. For Business and Enterprise customers, GitHub also specifies restrictive retention policies by default for certain types of usage—for example, no retention of prompts and suggestions when accessing the IDE for chat and code completions.
Negative
The website does not provide blanket assurance that all standard SaaS usage of Copilot within the EU/EEA takes place locally within the EU without further measures. GitHub’s list of subprocessors lists several processing locations in the U.S. Additionally, data is retained for varying lengths of time depending on the interface; for Copilot access other than IDE chat and code completions, GitHub specifies a retention period of 28 days for prompts and suggestions. For individual subscriptions, interaction data may be used to train and improve AI models, provided that opt-out has not been selected. The website does not indicate that GitHub Copilot offers true on-premises or self-hosted operation.
Server Location
For GitHub Copilot with Data Residency, the website lists the United States and the European Union as regions. With enforced data residency, code, prompts, and responses remain within the specified region during inference. However, the general list of subprocessors lists processing locations in the U.S. for several subprocessors. Specific EU countries or individual data center locations for Copilot are not specified on the website.

– ★★★★★★★★★★ (0)

Link

Link

ⓘ“Generative media platform for developers” / “The world’s best generative image, video, and audio models, all in one place.”

fal.ai is a developer platform for generative media APIs, serverless GPU inference, model deployment, training, fine-tuning, and dedicated GPU compute workloads. The platform provides access to 1,000+ models for image, video, audio, music, speech, 3D, and real-time streaming.fal.ai

The world’s best generative image, video, and audio models, all in one place

7.4/10 | Good

Image generation, AI inference, LLM API, Voice output, Video generation

Free Sandbox / Initial use Interactive sandbox for testing AI models; a publicly clearly defined permanently free standard plan with fixed limits could not be reliably found in the official sources. Other Model APIs Output-based billing per model; image models typically per image or megapixel, video models per second or video, other models per request or output unit. According to the docs, users only pay for successful outputs, not for server errors or queue waiting time.

Prepaid Credits fal.ai uses a prepaid credit model; credits are purchased in advance and deducted when used via the UI or API. According to the terms, purchased credits expire after 365 days, free/promotional credits after 90 days.

Serverless Deploy your own apps/models serverlessly; billing differs from Model APIs and is based on runner/compute usage.

Compute Dedicated GPU instances for continuous workloads; billed hourly by instance type, e.g. H100/H200/A100 classes according to the Compute documentation.

Enterprise Custom Enterprise platform with Custom Models, Dedicated Serverless Infrastructure, SLA Guarantees, Support, Private Endpoints, SSO, Usage Analytics, and customer-specific agreements.

Third-Party Models Access to third-party models; for third-party API models, client content may be transmitted to the respective third party, and its terms also apply.

Location: USA fal – Features & Labels, Inc., 2261 Market St. Suite 10467, San Francisco, CA 94114, USA.

GDPR: Partly GDPR-compliant use for users in the EU/EEA can only be substantiated to a limited extent. On the positive side, fal explicitly acts as a data processor for enterprise use, describes the rights of data subjects in Europe, and lists appropriate safeguards—such as contractual clauses—for international data transfers. At the same time, the website explicitly lists servers in the U.S. and other countries as the default, provides no documentation of EU data residency, no EU/EEA data centers, no publicly accessible link to the Data Processing Agreement (DPA), and no published list of subprocessors. Consequently, its use in the EU/EEA is justifiable only under additional contractual and organizational conditions, but not as a clearly and fully documented standard solution.
Positive
The website includes a privacy policy with a section for individuals in Europe, references to legal bases and data subject rights, as well as a statement that fal acts as a “processor” on behalf of the customer in enterprise contracts. In addition, the documentation describes controllable data retention for request data and media, as well as open libraries and dedicated compute/deploy options for customer-owned models.
Negative
The website lists the U.S. and other countries as processing and storage locations. EU data residency, specific EU/EEA data centers, a published list of sub-processors, a publicly accessible Data Processing Agreement (DPA), an explicit commitment to “no training with customer data” or relevant certifications such as ISO 27001 are not specified on the website. Nor is there any evidence on the website of a genuine on-premises/self-hosting option on the customer’s own infrastructure.
Server Location
According to the privacy policy, fal processes and stores personal data on servers in the U.S. and other countries. Specific data center locations in the EU/EEA are not listed on the website.

– ★★★★★★★★★★ (0)

Link

Link

ⓘ"Seeking the optimal conversion from energy to intelligence"

Moonshot AI is the provider behind Kimi, an LLM and agent platform focused on long contexts, coding, deep research, documents, spreadsheets, slides, web search, and multimodal processing. The Kimi API offers models such as Kimi K2.6, K2.5, K2, and Moonshot-v1.Moonshot AI

LLM “Seeking the optimal conversion from energy to intelligence”

4.2/10 | Limited

Function Calling, AI Agents, LLM API, Multimodal AI, Open Source Model, Programming, Reasoning Model, Language Model, Text Generation

Other Pay-as-you-go API Flexible, usage-based billing according to input and output tokens, model selection, and, where applicable, document/tool usage; suitable for developers and small teams.

Kimi K2.6 / K2.5 / K2 / Moonshot V1 Model families for multimodal or text-based tasks, long context, coding, agents, reasoning, and dialogue tasks.

Enterprise Solutions & Customization For medium-sized and large companies with flexible rate limits, multi-project deployments, support, SLA-oriented reliability, and individual agreements according to the platform page.

Location: Singapore MOONSHOT AI PTE. LTD., Singapore Ltd.

GDPR: Unclear Although the specified domain https://platform.moonshot.ai/ contains references to data protection and compliance, the information essential for a robust GDPR assessment throughout the EU/EEA is either missing or cannot be found on this domain. In particular, the website does not specify: the specific server location or data center location, EU/EEA data residency, subprocessors, the Data Processing Agreement (DPA), the option to opt out of model training, or relevant certifications. Since only information from this domain may be taken into account, overall compliance cannot be reliably verified.
Positive
The website provides links to a privacy policy and terms of use. Additionally, the homepage for enterprise offerings mentions “data compliance and privacy protections.” There is also an open-source/locally-based approach via documented integrations with OpenClaw, as well as references to open-source components such as Kimi CLI and MoonPalace.
Negative
The website does not specify an EU/EEA server location, EU data residency, a Data Processing Agreement (DPA), a list of subprocessors, a contractual exclusion of training with customer data, on-premises or true self-hosting options for the models themselves, or ISO 27001, SOC 2, or comparable certifications. Additionally, the domain redirects to content on a different domain; since only the specified domain may be evaluated, the documentation on the target domain itself remains incomplete.
Server Location
Not specified on the website. No specific location of servers or data centers within the EU/EEA or outside the EU/EEA can be found on the specified domain.

– ★★★★★★★★★★ (0)

Link

Link

ⓘ"Ask, Chat, Create and More"

Meta AI is a generative AI assistant from Meta for chat, research, recommendations, image/video creation, file analysis, shopping, local recommendations, and voice interactions.
It is integrated into Meta products such as WhatsApp, Messenger, Instagram, Facebook, the standalone app, meta.ai, and Meta AI Glasses.
Since April 2026, according to Meta, Meta AI has been powered by Muse Spark, the first model in a new model family from Meta Superintelligence Labs.Meta AI

Your personal AI assistant

3.5/10 | Insufficient

Image Generation, Chatbot, Multimodal AI, Research, Language Model, Text Generation, Translation, Summarization

Free Free use as a personal AI assistant for answers, recommendations, image/file understanding, voice/text, creative content, and use across Meta apps.

Location: USA Meta Platforms, Inc., 1 Meta Way, Menlo Park, California 94025, USA

GDPR: Unclear No reliable documentation regarding the privacy policy, Terms of Service/Data Processing Agreement, subprocessors, EU data residency, server locations, on-premises/self-hosting, or certifications for Meta AI could be found on the provider’s website at the specified domain using the web search tool. The pages found on meta.ai and its associated subpages primarily led to login prompts in the tool, without disclosing the requested compliance information. Consequently, the necessary primary documentation is missing from the provider’s domain to assess usability throughout the entire EU/EEA region.
Positive
It has been confirmed that an official “Meta AI” service is operated under the provider’s domain. Furthermore, no reliable compliance documentation was available via the domain using the search query.
Negative
Not specified on the website or not found via the web search tool on the domain: specific GDPR commitments for the EU/EEA, Terms of Service/Privacy Policy, list of subprocessors, EU data residency, server/data center locations, self-hosting/on-premises options, opt-out from general AI training for this tool’s use, and relevant certifications.
Server Location
Not specified on the website.

– ★★★★★★★★★★ (0)

Link

Link

ⓘ"One Voice AI Assistant. Different Ways to Use It."

Speechify is a voice AI platform that converts text into natural-sounding speech and also offers features such as Voice Typing, Voice AI Assistant, AI Podcasts, OCR scanning, as well as creator/studio features like Voice Over, Dubbing, and Voice Cloning.

The product is available as a web app, browser extension, and for iOS, Android, macOS, and Windows; there is also an API for developers.Speechify

One Voice AI Assistant. Different Ways to Use It

6.8/10 | Solid

Hörbucherstellung, Voice output, Stimmenklonen, Transcription

Free Basic text-to-speech features, slower listening, limited simple voices, and text-to-speech only. Subscription Premium High-quality natural voices, many languages, faster listening, Scan & Listen, AI Summaries & Chats.

Speechify Studio Separate subscription for voiceovers, creator content, podcasts, videos, dubbing, and audio production. Other API Text-to-speech API with a free tier and scalable usage plans for apps and workflows.

Enterprise / EDU Enterprise and education offerings for larger organizations, teams, and integrations.

Location: USA Speechify Inc., 7901 4th Street N, Suite 6193, St. Petersburg, FL 33702, United States

GDPR: Partly GDPR assessment: Speechify is conditionally suitable from a GDPR perspective.

Positive is that Speechify describes rights for EEA, Switzerland, and UK users, enables data deletion, mentions Standard Contractual Clauses for transfers outside Europe, and states encryption in transit and at rest.

Negative is that, according to the Privacy Policy, Speechify transfers information to the USA, where it is processed and stored; in addition, User Content and personal data are synchronized with the servers depending on usage. A publicly clear AVV/DPA for regular users could not be reliably verified.

Server location: USA. Further link: Speechify Privacy and Pricing.

Privacy Policy

– ★★★★★★★★★★ (0)

Link

Link

ⓘOptimus is Tesla’s humanoid robotics platform designed for physical tasks in factories and, in the future, in homes. Tesla is developing software for balance, navigation, perception, and physical interaction. The robot is not currently available for purchase by the general public.Tesla

general-purpose, bipedal, autonomous humanoid robot

3.3/10 | Insufficient

Autonomous Navigation, Embodied AI, Home robots, Humanoid robots, Industrial robots, Robotic Learning, Robotic Manipulation

Location: USA Tesla, Inc., 1 Tesla Road, Austin, Texas 78725, USA. For data protection matters within the EEA, Tesla also designates Tesla International B.V., Burgemeester Stramanweg 122, 1101 EN Amsterdam, Netherlands.

GDPR: Unclear Overall assessment:

On the positive side, Tesla has a comprehensive general privacy policy. For individuals in the EEA, the United Kingdom, and Switzerland, Tesla International B.V. in the Netherlands is designated as the data controller. Tesla identifies a data protection officer, outlines data subject rights, provides options for erasure, describes technical and organizational security measures, and references EU Standard Contractual Clauses for international transfers. Tesla also states that it does not sell personal data.

On the negative side, the publicly available privacy policy mainly refers to vehicles, energy products, websites, accounts, and existing Tesla services. A specific privacy policy for Optimus, its cameras, microphones, telemetry, remote control, training data, or operating environment has not been published: No verified information available.

Server location: Tesla is a global company and may transfer personal data to the U.S. and other countries. For European data, Tesla refers to standard contractual clauses and technical and organizational safeguards. A specific EU data residency for Optimus is not specified.

Training on customer data: Tesla describes, in part, local camera processing for vehicles and consent-based data sharing for fleet learning. These statements cannot be automatically applied to Optimus. There is no publicly available Optimus-specific non-training commitment.

DPA: No publicly available, product-specific DPA template exists for future enterprise use of Optimus: No verified information is available.

Conclusion: Tesla generally has established GDPR processes, SCCs, and a European data controller. However, a robust GDPR assessment for Optimus will only be possible once Tesla publishes specific product terms, data flows, storage locations, retention policies, training usage, and contractual documents.

Customer Privacy Notice

– ★★★★★★★★★★ (0)

Link

Link

ⓘ“Boost visibility in Google, ChatGPT, and beyond.”

Surfer is an SEO and AI visibility platform for planning, creating, optimizing, and monitoring content.

The product combines Content Editor, Topical Map, Content Audit, SERP Analyzer, Audit, as well as AI visibility tracking for systems such as ChatGPT, Perplexity, Google AI Overview, Google AI Mode, and Gemini. In addition, it includes AI writing features, internal linking, integrations, and team/workspace functions.Surfer

Boost visibility in Google, ChatGPT, and beyond

7.1/10 | Good

SEO, Text generation

Free Free tools such as Chrome Extension, AI Writing Tools, AI Detector, Humanizer, and courses; no fully featured permanently free version of the Surfer platform. Subscription Discovery Getting started with content creation and optimization, limited documents, page tracking, AI SEO guidelines, Surfy, and Humanizer.

Standard Unified SEO workflow, more documents, AI visibility tracking, AI prompts, integrations, brand knowledge, 1-click content optimization, and team collaboration.

Pro Everything in Standard plus more AI prompt tracking, multiple brand workspaces, internal linking, content ideas, coverage gap, templates, custom voices, and cannibalization report.

Peace of Mind Everything in Pro plus more unlimited optimization, more AI visibility tracking, API access, and VIP/scale features. Other Enterprise Customized packages with SSO, Enterprise Security, Advisory, Legal Onboarding Assistance, Early Access, Custom Limits, White-Label, Priority Support, and Team Onboarding.

AI Credits / Top-ups Additional AI credits can be added to active subscriptions.

Location: Poland Surfer Sp. z o.o., Plac Solny 14/3, 50-062 Wrocław, Poland.

GDPR: Partly GDPR assessment: Surfer AI / Surfer SEO is conditionally to well suited from a GDPR perspective.

Positive is that Surfer is a Polish provider based in Wrocław, explicitly mentions the GDPR in its Customer Privacy Policy, and describes a DPA mechanism for customer data directly in the privacy clause. Surfer specifies technical and organizational measures under Art. 32 GDPR, deletion/return rules, a list of subprocessors, and SCCs or appropriate transfer mechanisms for third-country transfers.

Negative is that subprocessors are not located exclusively in the EU; among others, Google Cloud Platform with EU/USA, Cloudflare globally, Stripe globally, as well as other providers with US ties are mentioned.

Server location: Not exclusively in the EU; Google Cloud Platform EU/USA and other global or US subprocessors are documented.

Privacy Policy

– ★★★★★★★★★★ (0)

Link

Link

ⓘ“Transform your business with modern, AI-first applications.”

Microsoft Power Apps is a low-code platform for creating and deploying business applications.

The product primarily supports canvas apps and model-driven apps, can be used with little or no code, and can also be extended through custom code, components, and integrations. Typical use cases include internal line-of-business applications, mobile data capture, process-oriented business apps, and app-supported workflows based on Dataverse, Microsoft 365, and other data sources.MS Power Apps

Transform your business with modern, AI-first applications

7.4/10 | Good

App Development, Automation, Data Analysis

Free Free developer account for building and testing unlimited apps/flows, multiple developer environments, connectors, Dataverse entitlement, and limited flow runs. Subscription Power Apps Premium User license for unlimited Power Apps and Power Pages, prebuilt/custom/on-premises connectors, Dataverse entitlements, and agentic features in apps.

Power Apps Premium with minimum purchase requirement For large organizations with many users; same core features with enterprise procurement. Other Pay-as-you-go via Azure Usage-based billing for apps, Dataverse storage, and Power Platform meters via Azure Subscription.

Dataverse / AI Builder / Power Platform Add-ons Additional capacities, AI Builder, Dataverse Storage, Power Automate, and other Power Platform extensions per usage.

Per-app license No longer available for new customers since January 2, 2026; existing customers must check status and renewal.

Location: USA Microsoft Corporation, One Microsoft Way, Redmond, Washington 98052-6399, USA. Relevant for many EEA contexts: Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, D18 P521, Ireland; registered office: 70 Sir John Rogerson’s Quay, Dublin 2, Ireland.

GDPR: Partly From the perspective of a user in Europe, using MS Power Apps in compliance with the GDPR is generally possible, but it depends on specific configurations and contractual arrangements. The Microsoft website provides a DPA, information on subprocessors, data residency options for Power Platform, and the EU Data Boundary for Power Platform. At the same time, Microsoft itself points out that data can be replicated within a selected geo, that certain user actions may expose data outside the geo, and that classification within the EU Data Boundary depends on tenant and environment deployment.
Positive
Positive aspects include the published Microsoft Products and Services Data Protection Addendum (AVV/DPA), the documented subprocessor structure, the ability to choose a data location or geo for Power Platform, the EU Data Boundary for Power Platform, and documented data subject rights and export functions. For Copilot/AI features, Microsoft also documents that customer data is not used to train Microsoft or third-party models unless the customer opts in to data sharing.
Negative
A negative or limiting aspect is that GDPR-compliant use does not automatically follow from standard use. Microsoft itself describes limited exceptions for transfers outside the EU Data Boundary, the dependency on billing address, tenant geo, and environment deployment, as well as the possibility that users or connected services may expose data outside the geo. The website does not specify whether Power Apps is available as a fully local deployment as a complete product.
Server Location
Microsoft lists several global data centers and geographic locations for the Power Platform. For EU/EEA-relevant use, Microsoft specifies the EU Data Boundary with data centers in EU and EFTA countries, including Austria, Belgium, Denmark, Finland, France, Germany, Greece, Ireland, Italy, the Netherlands, Norway, Poland, Spain, Sweden, and Switzerland. According to the website, the specific assignment for Dynamics 365 and Power Platform depends on the billing address as well as the deployment of the tenant and all environments within a geo location inside the EU Data Boundary.

– ★★★★★★★★★★ (0)

Link

Link

ⓘLlama is Meta's family of generative foundation models for text and, in part, image/text understanding.

Meta positions Llama as a flexibly deployable model series that can be fine-tuned, distilled, and deployed “anywhere”; this includes self-hosting, private cloud, and hosting through partners. Llama 4 brings native multimodality, while Llama 3.x continues to address important text, coding, translation, and agent use cases.Meta Llama

LLM “Industry Leading, Open-Source AI”

7.0/10 | Good

Function Calling, LLM API, Model Training, Multimodal AI, Open Source Model, Programming, Language Model, Text Generation

Free Llama model weights / Download Llama models can be downloaded, fine-tuned, distilled, and self-hosted under the Meta license; infrastructure costs for self-hosting are incurred separately.

Meta Llama API Preview / Waitlist The Llama API is officially positioned via waitlist/login; I could not reliably substantiate a permanently freely usable public API free version with guaranteed limits. Other Managed Llama API API access to current Llama models, API key, playground, SDKs, OpenAI-like integration, tool calling, and models such as Llama 4 Maverick/Scout according to the official Llama API page.

Self-hosting / own cloud / edge Operation of the model weights on your own infrastructure, with cloud providers, or locally; suitable for data protection, cost control, and individual optimization.

Cloud provider / third-party hosting Llama models are available through various cloud and inference providers; data protection, pricing, and server locations then depend on the respective provider.

Fine-tuning / distillation / Llama Stack Customization and integration into your own AI architectures, depending on the model license, infrastructure, and technical setup.

Location: USA Meta Platforms, Inc., 1 Meta Way, Menlo Park, California 94025, USA.

GDPR: Unclear I cannot reliably perform the requested evaluation based on web search results from www.llama.com because the available web search tool did not return any results from that domain. Since only information from www.llama.com may be used and no third-party sources are permitted, a reliable assessment is not possible on this basis.
Positive
Not specified on the website.
Negative
Privacy policy, server locations, Terms of Service/Data Protection Agreement, subprocessors, EU data residency, opt-out from AI training, and certifications could not be verified via the domain search.
Server location
Not specified on the website.

– ★★★★★★★★★★ (0)

Link

Link

ⓘ“The #1 framework for AI-generated electronics.”

tscircuit is an open-source, code-based EDA framework that allows you to describe schematics and PCBs in React and TypeScript. From the code, the system generates schematic, PCB, 3D, and manufacturing views, among other things. AI assistants can interpret requirements, search for components, and generate the necessary tscircuit code.tscircuit

The #1 framework for AI-generated music

5.9/10 | Limited

Programming, Circuit Design

Free The core is open-source under the MIT license and can be used locally via the CLI or as a TypeScript/React framework. This enables full-fledged circuit design, PCB layout, simulation, and export workflows. Other PCB Hosting and Ordering Service Hosting and ordering of printed circuit boards, circuit modules, schematics, 3D models, and other electronics assets.

Private Registry Use of a custom npm-compatible registry for internal components, files, and team collaboration.

External AI Providers AI requests can be processed via OpenAI and Anthropic; potential costs and quotas depend on the specific integration.

Location: USA tscircuit, Inc., 3106 25th Street, San Francisco, CA 94110, USA

GDPR: Partly Overall assessment:

On the positive side, tsCircuit has published a detailed privacy policy that outlines the legal basis for EU users, data subject rights, account deletion, and technical and organizational security measures. Personal data is generally only stored for as long as an active account exists or as required by legal obligations. Users can request access, correction, or deletion via a dedicated privacy form.

On the negative side, tsCircuit Inc. is headquartered in San Francisco, and according to the Terms of Service, the services are hosted in the U.S. When using the AI features, inputs, outputs, and, where applicable, personal data are shared with external AI service providers. The privacy policy explicitly names OpenAI and Anthropic as AI service providers. Additionally, cloud, storage, analytics, authentication, and payment service providers may be used.

Server location: USA for the hosted services. A publicly available DPA for European business customers, EU data residency, standard contractual clauses, or a complete list of subprocessors by name were not found: No reliable information available.

Conclusion: tsCircuit is well-suited for public open-source projects and non-confidential electronic designs. For proprietary circuits or personal data, it is preferable to work locally, use a private package registry, and review the external AI integration separately. Confidential project details should not be transmitted to the integrated AI chat without prior review.

PRIVACY POLICY

– ★★★★★★★★★★ (0)

Link

Link

ⓘ“A one-stop, integrated AI developer studio for end-to-end development of AI applications.”

IBM watsonx.ai is a development platform for building, customizing, testing, and deploying generative AI, traditional machine learning models, and AI agents. It combines foundation models, prompt and agent tools, RAG, AutoAI, APIs, notebooks, and production runtimes in a single environment. The platform can be operated as IBM Cloud SaaS or via IBM Software Hub in your own OpenShift environments.IBM watsonx.ai

A comprehensive, all-in-one AI development studio for end-to-end development of AI applications.

8.0/10 | Very good

Data Analysis, Embeddings, Function calls, AI agents, LLM API, Modelltraining, open-source model, Language model

Free Toolbox Playground / Free Free plan with a limited monthly foundation model quota, limited machine learning compute hours, and limited text extraction. Suitable for testing, playground use, and initial prototyping.

Lite Runtime Plan Free runtime plan with limited capacity for testing machine learning and inference. Foundation model tuning is not supported on the Lite plan. Subscription Essentials – Pay-as-you-go For production deployments with no fixed minimum usage; usage-based billing for models, machine learning, text extraction, model tuning, and other resources.

Standard – Pay-as-you-go Enterprise plan with a larger included compute quota and additional usage-based billing; designed for extensive production and enterprise workloads.

HIPAA-Ready Specialized plan for generative AI and machine learning under HIPAA security and privacy requirements; officially available only in the IBM Cloud Dallas region. Other IBM Foundation Models Use IBM Granite models via pay-as-you-go inference or dedicated on-demand hosting, depending on the model.

Third-party models Access to models from Meta, Google, DeepSeek, Mistral, and others; usage-based inference or dedicated on-demand deployment, depending on the model.

Embedding and Reranking Models Usage-based billing for IBM and third-party embedding models, as well as reranking capabilities for semantic search and RAG.

Deploy on Demand Dedicated hosting of selected foundation models with hourly runtime billing; availability depends on the model and region.

Machine Learning / AutoAI Usage-based billing via Capacity Unit Hours for training, AutoAI, model deployment, and scoring.

LoRA/QLoRA Fine-Tuning Customization of supported foundation models using your own data; according to IBM, QLoRA is available in Frankfurt and Dallas, among other locations.

Custom Foundation Models Import, hosting, and deployment of customer-owned or customized foundation models on dedicated infrastructure.

IBM Software Hub / On-Premise Self-operated watsonx.ai installation on Red Hat OpenShift, including a private registry and optional air-gapped environment; customized software, infrastructure, and support agreement.

Enterprise Support Extended support and SLA options in addition to the included basic support.

Location: USA International Business Machines Corporation, 1 New Orchard Road, Armonk, New York 10504-1722, USA. German subsidiary: IBM Deutschland GmbH, IBM-Allee 1, 71139 Ehningen, Germany

GDPR: Yes For users in the EU/EEA, GDPR-compliant use in accordance with the best available practice documented on the IBM website is well-documented, because IBM provides a DPA for the processing of personal data and watsonx.ai can be operated not only as SaaS but also via the IBM Software Hub in a user’s own OpenShift environment or on-premises. In addition, EU regions are designated on IBM Cloud for watsonx.ai Runtime and watsonx.ai Studio. This provides a relatively straightforward path to data-sovereign usage within Europe, particularly through self-hosting or EU regions. However, a blanket statement that any standard SaaS usage is automatically fully GDPR-compliant cannot be substantiated in every detail on the website.
Positive
IBM outlines a data protection infrastructure that includes the IBM Privacy Statement and the IBM Data Processing Addendum. For watsonx.ai, EU regions on IBM Cloud are documented, specifically Frankfurt for watsonx.ai Runtime and watsonx.ai Studio. Additionally, watsonx.ai can be installed via IBM Software Hub on private, on-premises, or the customer’s own OpenShift infrastructure. In the FAQs, IBM also states that prompts do not train the foundation models and that customer data is intended to remain private to the account.
Negative
No standalone, product-specific subpage for watsonx.ai was found on the website that provides a clear, comprehensive EU/EEA data residency commitment for all pricing plans and all components. A specific, publicly accessible list of subprocessors specifically for watsonx.ai was not found; instead, IBM refers generally to DPAs, privacy information, and, in some cases, lists available upon request. An explicit opt-out mechanism is also not described separately on the website but is only indirectly addressed by the fact that, according to the FAQs, customer data is not used for model training.
Server Location
For the SaaS/IBM Cloud version, EU locations are documented on the IBM website, specifically Frankfurt (eu-de) for watsonx.ai Runtime and watsonx.ai Studio. An IBM article on watsonx on IBM Cloud also mentions secure facilities in Dallas and Frankfurt. When using the service via IBM Software Hub or on-premises, the customer determines the infrastructure location themselves. Other specific server locations for all watsonx.ai components are not consistently listed on the website.

– ★★★★★★★★★★ (0)

Link

Link

ⓘ"Building AI to Simulate the World"

Runway is an AI platform for generative media production with a focus on AI video, image generation, video editing, performance capture, audio/voice features, workflows, and API access.

The tool is aimed at creators, marketing teams, film/media production, agencies, developers, and companies that want to create or edit visual content with AI.Runway

Building AI to Simulate the World

7.2/10 | Good

Image Generation, Video Generation, Video Editing

Free Free entry with a one-time credit allocation; suitable for testing and for initial generations. Subscription Standard More monthly credits, access to core Runway apps and generative video/image features; for individuals and small teams.

Pro More credits, access to all apps, workflows, generative video models, third-party models, more storage, and advanced creative features.

Unlimited Everything in Pro plus Explore Mode for unlimited image and video generations at a relaxed speed; additionally, monthly credits for features without Explore Mode. Other Enterprise Custom enterprise offering with SSO, custom credits, configurable organization and team spaces, Advanced Security, onboarding, success program, and priority support.

Credits / Additional Credits Runway uses credits for many generation features; additional credits are available for paid plans.

Location: USA Runway AI, Inc., 18 West 18th Street, 11th Floor, New York, NY 10011, USA

GDPR: Partly GDPR assessment: From a GDPR perspective, Runway is conditionally suitable.

Positive is that Runway documents SOC 2 Type II, encryption in transit and at rest, access controls, content isolation, private assets, and enterprise security processes. According to Runway, enterprise customers can request security reports via the Trust Center or the sales process. It is also positive that, according to the Help Center, users generally retain ownership and rights to uploaded and generated content.

Negative is that Runway is a US provider and there is no publicly documented general EU-only data residency as a standard. Help documents mention AWS S3 domains with a US-East reference for uploads; for GDPR-critical use, the DPA, subprocessors, storage location, training use, deletion periods, and enterprise contract should therefore be reviewed.

Server location: No verified EU-only standard region is publicly documented; cloud processing with a US connection is likely. Further link: Runway Data Security, Privacy Policy, Pricing and Usage Rights.

Runway Security

– ★★★★★★★★★★ (0)

Link

Link

ⓘ“The World’s #1 AI Home Design Tool.”

HomeDesignsAI generates new designs for interiors, exteriors, gardens, and real estate presentations based on uploaded photos. Users select the room type, style, and scope of changes; the AI then generates visual variations. Additional features include virtual staging, material changes, furniture removal, room composition, and, in some cases, 2D-to-3D or video outputs.HomeDesignsAI

The World’s #1 AI Home Design Tool

4.1/10 | Limited

Architectural visualization, Image editing, Image generation, Interior Design, Mockups, Product Photography

Free Free trial designs Limited free credits or trial access for initial design creations; a fully-featured, permanently free plan is not clearly indicated. Subscription Individual Plan Monthly design quota, more than 40 styles and room types, interior, exterior, and garden design, color and texture changes, redesign, Fill Spaces, Furniture Finder, and Design Transfer.

Pro Plan Significantly higher design quota, more than 80 styles and room types, as well as expanded use of design and editing features. Other Universal Credits Shared credit balance for redesign, video, virtual staging, material swap, furniture removal, and other modules; additional credits can be added. Business Add-ons Advanced tools such as material swap, paint visualizer, and other professional design features. Additional professional features, including advanced room composition and more comprehensive design tools. White-Label Widget Embeddable design interface for websites and platforms, combining interior design with usage-based billing. API Custom usage-based model for integrating design features into your own products. Enterprise Custom agreement with higher volume and the option to exclude customer data from model training.

Location: Romania ⚠️ No confirmed information is available regarding a complete, current business address – as of June 12, 2026.

GDPR: Unclear For the EU/EEA region, it is not clearly demonstrable based on the website documentation that the service is used in compliance with the GDPR. Positive aspects include a general privacy policy, the mention of data subjects’ rights, and an API/Enterprise notice regarding an enterprise opt-out for model training. On the negative side, the website mentions international data transfers, including to the U.S., but does not specify a concrete EU/EEA server location, EU data residency, a publicly accessible Data Processing Agreement (DPA), or a list of subprocessors. As a result, the legal and hosting situation is insufficiently documented for users in Europe.
Positive
The website includes a privacy policy with information on the data collected, data subject rights, and international data transfers. The API/Enterprise documentation mentions security measures such as AES-256 and SSL/TLS. Additionally, the API documentation specifies an Enterprise opt-out for the use of data in model training.
Negative
The website explicitly states that personal data may also be processed outside the user’s country of residence, including the United States. No specific server location or EU/EEA data center is mentioned. A publicly available Data Processing Agreement (DPA), a list of subprocessors, binding statements regarding EU data residency, and on-premises/self-hosting options are not provided on the website. Regarding the API, it also states that inputs and outputs can be used for training by default, unless a specific “Enterprise Privacy” plan applies.
Server Location
Not specifically stated on the website. The general privacy policy mentions international data transfers, including to the U.S. The API privacy policy lists AWS and Google Cloud as examples of cloud hosting providers, but without specifying a region or data center location.

– ★★★★★★★★★★ (0)

Link

Link

ⓘ“The ultimate AI-powered camera control for filmmakers & creators” / Platform for AI video, image, audio, supercomputer, MCP/CLI, Marketing Studio, Cinema Studio, and AI Influencer.

Higgsfield AI is a creative platform for generative images, videos, ads, UGC, AI influencers, storyboards, VFX presets, camera movements, character consistency, and marketing content. The platform brings together many leading models and proprietary workflows in a single interface.Higgsfield.AI

The ultimate AI-powered camera control for filmmakers & creators

3.9/10 | Insufficient

Avatarerstellung, Image generation, Social media content, Video generation

Free The official website advertises “Try Free”; specific permanently free limits were not fully confirmed in the publicly readable pricing content. Subscription Individual / Single Plans Higgsfield uses a credit-based model for image, video, and premium generations. The currently binding names and limits of the individual plans could not be fully verified on the dynamic pricing page during research access; the official pricing page is the authoritative source.

Team Plan Shared workspace for creative teams with collaboration on prompts, visuals, and videos; designed for joint production and team workflows.

Enterprise Enterprise offering with SOC-2-aligned security, SSO, custom integrations, audit logs, and SLA support according to the enterprise page; specific terms and privacy details must be requested. Other Credits Generations consume Credits depending on model, resolution, length, and function; according to the official MCP page, MCP uses the same Credit system as the Higgsfield platform.

MCP / CLI / API Use of Higgsfield generations via external agents or developer/automation access; API limits and restrictions may be set by Higgsfield.

Enterprise / Custom Individual workflows, integrations, security requirements, and volume needs via Enterprise sales; no fully verified publicly standardized pricing/performance scheme.

Location: USA 535 Mission St, 14th floor, San Francisco, CA 94105, United States.

GDPR: Unclear The website includes a privacy policy with a section for European users in the EEA/UK, including EU/EEA representatives and information on international data transfers. However, for a robust assessment of GDPR compliance throughout the EU/EEA, the website lacks key information regarding data protection authorities (DPAs), subprocessors, EU data residency, specific server/data center locations, self-hosting, and a contractually guaranteed exclusion of AI training. Therefore, compliance for EU/EEA users as a whole can only be assessed as unclear.
Positive
The website includes a privacy policy, an explicit notice for European users in the EEA/UK, specified legal bases, data subject rights, and an EU/EEA representative in France. It also mentions that content can be deleted and that account content is typically removed within certain timeframes.
Negative
The website does not specify a Data Processing Agreement (DPA), a list of subprocessors, specific EU/EEA data centers or EU data residency, an on-premises/self-hosting option, a clear opt-out from AI training for prompts, uploads, or outputs, nor does it list relevant certifications such as ISO 27001 or SOC 2. The privacy policy also mentions international transfers to the U.S. or other locations.
Server Location
Not specifically stated on the website. The privacy policy only states that personal data may be transferred to the U.S. or other locations; specific server or data center locations within the EU/EEA are not mentioned.

– ★★★★★★★★★★ (0)

Link

Link

ⓘ“Empowering Every Home with Robotics”

Noetix Robotics develops compact and full-size humanoid robots for education, research, entertainment, developers, corporate demonstrations, and, in the future, private households. Bumi is positioned as a lightweight entry-level and educational robot, N2 focuses more on dynamic movement and research, and E1 on voice interaction, service, and embodied AI.Noetix Robotics

Empowering Every Home with Robotics

3.5/10 | Insufficient

Autonomous Navigation, Embodied AI, Humanoid Robots, Robot Learning, Robot Manipulation, Service Robots

Other Hardware purchases, product variants such as Pro and EDU, customized sales offers, configurations for education and research, optional computing modules, as well as support and warranty services.

Location: China Noetix Robotics (Beijing) Technology Co., Ltd., Building 1, Tower B, Future Vision, No. 3 Yard, Binhe Avenue, Future Science and Technology City, Xiaotangshan Town, Changping District, Beijing, China.

GDPR: No From the perspective of a user in the EU/EEA, no reliable basis for GDPR-compliant use of the offering is identifiable on the website. Although it is positive that privacy notices are available and an open-source page exists, the website explicitly states for web data processing that personal data is stored in China. At the same time, the website did not specify EU data residency, EU/EEA data centers, a DPA/AVV, a subprocessor list, or relevant certifications. In addition, for product/service use, the website refers to the applicability of the law of mainland China.
Positive
The website provides a privacy policy for the website, a separate privacy policy for products and services, cookie settings with reject/accept options, and an open-source page with SDKs and development tools. The product privacy policy also states that local rights are to remain unaffected if applicable local law differs.
Negative
For web data storage, the website explicitly names China as the storage location. For EU/EEA-relevant requirements, the website did not specify a DPA/AVV, a subprocessor list, EU data residency, EU/EEA server locations, an on-prem/self-hosting option for the overall service, a contractual exclusion of model training, or certifications such as ISO 27001 or SOC 2. In addition, the website mentions several third-party cookies and marketing trackers.
Server location
For the website, it is stated that personal data is stored in China. A specific server or data center location in the EU/EEA is not specified on the website. For the product/service policy, the website only mentions that it is governed by the law of mainland China.

– ★★★★★★★★★★ (0)

Link

Link

ⓘ“AI for scientific research.”

Elicit is an AI-powered research assistant designed to search for, review, evaluate, and synthesize scientific literature. The tool supports basic literature searches, automated research reports, and systematic reviews, including screening, data extraction, and citation management. All key AI statements are to be linked to text passages from the underlying publications.Elicit

AI for scientific research.

7.4/10 | Good

Data Analysis, Literature Research, Research, Summarization

Free Limited Research Agent, monthly limited automated reports, unlimited search across more than 138 million publications, unlimited abstracts, Paper-Chat when full text is available, source display, and Zotero import. Subscription Plus Includes Basic features plus expanded access to the Research Agent, more automated reports, export to RIS, CSV, BIB, PDF, and DOCX, larger extraction tables, and clinical trial search.

Pro For systematic reviews; includes an advanced Research Agent, a dedicated review workflow, higher screening and report quotas, research alerts, custom extraction from uploads, explanations for AI responses, output templates, and API access.

Scale For collaborative research teams; includes Pro features plus full Research Agent access, image interpretation, real-time collaboration, larger reports and tables, and an admin panel with usage and seat management.

Enterprise For corporations, universities, and research institutions; includes SSO/SAML, 2FA, domain verification, user analytics, custom deployments, single-tenancy options, custom data sources and templates, higher review limits, unlimited alerts and API usage, and no training on customer data by default. Other Elicit API API access is available starting with the Pro plan; reports and reviews generated via the API count toward the respective workflow quota. According to the documentation, systematic reviews via the API are reserved for Enterprise plans.

Institutional Agreements Custom contracts for universities, research groups, and companies, including onboarding, training, customer success, and customized data sources.

Location: USA Elicit Research, PBC, 440 N Barranca Avenue, #1595, Covina, CA 91723, USA

GDPR: Partly For users in the EU/EEA, GDPR-compliant use is not clearly documented as standard SaaS in the EU. On the positive side, the service has its own privacy policy, a Data Processing Addendum referencing the EU GDPR, UK GDPR, Swiss data protection law, and SCCs, as well as a published reference to subprocessors. On the negative side, the website explicitly states that the servers are located in the U.S. The website does not specify EU data residency or EU/EEA data centers. Consequently, use appears to be possible only under certain conditions—such as additional contractual review and careful data minimization—but not as a clearly and fully secured standard EU/EEA solution.
Positive
The website includes a privacy policy, a DPA/AVV-like “Data Processing Addendum,” references to SCCs, obligations for subprocessors, and information on the rights of individuals in the European Economic Area. In addition, the website states “No training on your data by default” for Enterprise and refers to SOC 2 Type II.
Negative
The website explicitly states that the servers are located in the U.S. The website does not specify EU data residency, EU/EEA data centers, or a clear EU hosting path. Although a link to the list of subprocessors is provided, the content of that list is not viewable online. On-premises or self-hosting options are not specified on the website.
Server Location
According to the privacy policy: Servers in the United States. No other specific EU/EEA server locations or EU data residency are specified on the website.

– ★★★★★★★★★★ (0)

Link

Link

ⓘLeading AI models on a secure platform operated in Germany.

DeutschlandGPT provides models such as GPT, Claude, Gemini, Llama, and Mistral through a single interface. Users can chat, analyze documents and images, perform real-time web searches, configure their own assistants or specialized applications, and integrate external business systems. The platform is designed for individual users, teams, companies, and public or data-sensitive organizations.GermanyGPT

Leading AI models on a secure platform operated in Germany.

7.6/10 | Good

API Integration, Automation, Image generation, Chatbot, Data Analysis, Document analysis, Email creation, LLM API, Multimodal AI, Paraphrase, Product Description, Programming, Research, Spell check, Social media content, Text generation, Translation, Advertising copy, Knowledge Base, Summary

Free Try it for free: A permanently free plan with a limited number of daily messages, custom prompts, and limited file and image analysis. Subscription Pro All leading AI models, projects, integrations, specialized applications, and higher usage limits.

5x Pro Pro features with significantly higher usage limits for more intensive individual use.

Business Pro features plus centralized user management, white labeling, prioritized support, and configurable retention periods; for SMBs and teams.

Enterprise Business features plus custom domain, SAML SSO, SCIM provisioning, Customer Success Manager, dedicated onboarding, invoice billing, and AI training. Other Enterprise Trial Access Time-limited trial access for larger organizations, available by arrangement.

Germany GPT API Usage-based access to various AI models; billing depends on the model and token consumption.

Fair Use Model Paid platform plans have higher limits but are subject to rules against automated bulk usage and resale.

Location: Germany DeutschlandGPT GmbH, 3 Gabriele-Münter-Straße, 82110 Germering, Germany.

GDPR: Yes The website outlines a concrete, actionable GDPR compliance path for the entire EU/EEA region. DeutschlandGPT describes data processing in EU data centers, persistent storage in Germany, a published data processing agreement (DPA) in accordance with Article 28 of the GDPR, designated subprocessors, and a documented “no training” approach. In addition, the website highlights a particularly privacy-strong operational approach using the self-hosted open-source model Llama 3.3 70B on dedicated, isolated servers in Germany. From an EU/EEA perspective, this documents a clearly substantiated path to GDPR-compliant use.
Positive
The following are positively documented: EU/Germany hosting, AVV, a list of subprocessors, no training using user data, ISO 27001, BSI C5-related hosting information, and a self-hosted open-source path for Llama 3.3 70B on dedicated infrastructure in Germany.
Negative
A limitation is that while the website describes EU processing and storage in Germany, it does not explain a separate data residency or transfer logic for every single service in a fully granular manner for all processing activities. Furthermore, the AVV list includes Sentry, a service based in the U.S.; while the website lists the “EU” as the place of processing, it does not provide further details regarding any international access or transfer mechanisms.
Server Location
The website lists several server/processing locations: persistent core data on the Open Telekom Cloud in Germany, specifically in Magdeburg and Biere; general AI processing exclusively within the EU, for example in Frankfurt, Ireland, or Sweden; for individual model paths, the website lists Microsoft Azure in the EU, AWS in Germany, Google Vertex in the EU, IONOS in the EU, and self-hosted Llama on dedicated Open Telekom Cloud servers in Germany.

– ★★★★★★★★★★ (0)

Link

Link

ⓘ"Turn ideas into apps in minutes — no coding needed"

Replit is an AI-powered platform that lets you create, edit, and publish apps directly in the browser.

At its core is the Replit Agent, which writes code, sets up infrastructure, and runs tests. It also includes integrated publishing, database, storage, design, and integration features in a single interface.Replit

Turn ideas into apps in minutes — no coding needed

7.6/10 | Good

App Development, AI agents, Programming, Website Development

Free Free entry point for creating apps, using AI integrations, and publishing the first project; suitable for learning, testing, and simple projects. Subscription Core For individuals with premium tools, Replit Agent, more resources, more credits/usage allowance, and more productive app building.

Teams / Pro / Team-oriented plans For smaller teams with collaboration, more centralized management, more resources, private deployments, and advanced control features; specific plan names may change. Other Enterprise Custom enterprise offering with SSO/SAML, SOC 2 reference, admin controls, private deployments, security review, and enterprise support.

Usage Credits / AI Billing Replit Agent uses effort-based billing; AI Integrations are bundled via Replit Credits, and Replit manages provider access and billing.

Location: USA Replit, Inc., 1001 E Hillsdale Blvd Ste 400, Foster City, CA 94404-1642, United States.

GDPR: Partly GDPR assessment: From a GDPR perspective, Replit is conditionally suitable.

Positive is that Replit provides a Data Processing Agreement, mentions SOC 2 compliance, and offers enterprise security features such as SSO/SAML, private deployments, and admin controls. It is also positive that, for published projects, a geographic region for compute and storage resources can be selected depending on the plan.

Negative is that, according to Replit’s own security documentation, Replit primarily hosts data in Google Cloud data centers in the USA; India is mentioned as an option, but blanket EU data residency is not documented as a standard. For personal or confidential data, the DPA, SCCs, deployed AI models, third-party integrations, app region, logs, secrets, and backup/restore processes must be reviewed.

Server location: Primarily USA; optional app regions may be relevant depending on the plan/deployment, but platform data is not generally EU-only. Further links: Replit DPA, Security, Information Security, Pricing.

Data Processing Agreement Replit Privacy Policy

– ★★★★★★★★★★ (0)

Link

Link

ⓘ“Automate your work.”

Make is a visual no-code/low-code automation platform for integrations, workflows, and increasingly also agentic AI processes.

Companies can use it to connect data and actions across 3,000+ apps, automate API-based processes, and incorporate AI features such as AI Agents, AI Toolkit, AI Content Extractor, AI Web Search, and MCP servers into scenarios. The product addresses both simple app automations and more complex enterprise workflows with team, governance, and hybrid connectivity.Make

Automate your work

7.3/10 | Good

Automation, Data Analysis, AI agents

Free Monthly credits, visual no-code workflow builder, 3,000+ apps, router & filter, support, and a longer minimum interval. Subscription Core Everything in Free plus unlimited active scenarios, more granular scheduling, higher data limits, and the Make API.

Pro Everything in Core plus Priority Scenario Execution, Custom Variables, and Full-Text Execution Log Search.

Teams Everything in Pro plus Teams, team roles, and sharing of scenario templates. Other Enterprise Custom Functions Support, Enterprise App Integrations, 24/7 Enterprise Support, Value Engineering, Overage Protection, and Advanced Security.

Credits / AI Agents Credit-based usage for scenarios and AI automation; scope of features varies by plan.

Location: USA Celonis, Inc., One World Trade Center, 87th Floor, New York, NY 10007, USA.

GDPR: Partly Make provides data protection documents relevant to the EU/EEA region on its own website, including privacy notices, a DPA/AVV, a list of subprocessors, and information on the GDPR and international transfers. In addition, its documentation specifies a selectable EU data center region for organizations. At the same time, the provider is U.S.-based, refers to the EU-U.S. Data Privacy Framework and SCCs for transfers, and the website does not specify a simple on-premises or self-hosting option. Thus, GDPR-compliant use in the EU/EEA appears to be possible in principle, but only under certain conditions, such as selecting the appropriate region, signing the DPA, and reviewing the specific data flows to subprocessors and AI functions.
Positive
The website includes a DPA/AVV, a data protection page on the GDPR, a Privacy Notice, technical and organizational measures, a list of subprocessors, and information on selecting EU data centers for organizations. In addition, Make cites ISO 27001 as well as SOC 2 Type II and SOC 3 for its infrastructure and security program, respectively.
Negative
The website does not clearly guarantee comprehensive EU/EEA-exclusive processing in all cases. The documentation refers to U.S. connections and international transfers via DPF or SCCs. An on-premises/self-hosting option is not specified on the website. No clear, general commitment to a blanket opt-out from AI training for all AI functions was found on the website; only a specific note regarding Google Workspace APIs is available.
Server Location
For organizations, the website lists a selectable data center region: “European Union (EU).” The list of subprocessors published on the website specifies hosting locations in Ireland (Dublin) or Germany (Frankfurt) for European customers using AWS. In addition, the Enterprise Security page mentions a separately managed AWS environment. The website does not fully clarify whether this applies unchanged to all current product areas and AI features.

– ★★★★★★★★★★ (0)

Link

Link

ⓘ“The future of home care is here”

Figure AI develops electrically powered humanoid robots designed to perform human tasks in industrial, logistics, and—in the future—domestic environments. Figure 02 was tested at BMW Spartanburg in a real production environment; Figure 03 is more focused on domestic use, Helix AI, safety, and mass production.Figure.AI

The future of home help is here

3.4/10 | Insufficient

Autonomous Navigation, Embodied AI, Household Robots, Humanoid Robots, Industrial Robots, Robot Learning, Robot Manipulation

Other Enterprise/pilot/partner projects on request. Industrial and commercial partnerships, such as BMW and Catalyst Brands, are documented; public purchase, rental or leasing conditions are not guaranteed.

Location: USA Figure AI Inc, 3960 N First St, San Jose, CA 95134, USA.

GDPR: Unclear Although the website does include a privacy policy, it is clearly geared toward U.S. states and does not demonstrate robust GDPR compliance for users throughout the EU/EEA. In particular, the website does not specify EU/EEA data residency, specific server or data center locations, a Data Processing Agreement (DPA), a list of subprocessors, on-premises or self-hosting options, or relevant certifications. The documentation is therefore too incomplete for an assessment from an EU/EEA perspective.
Positive
The website includes a separate privacy policy, a contact option at [email protected], and information indicating that Figure may, in certain cases, process personal data of end users or employees as a service provider for its clients.
Negative
The documentation available on the website refers to U.S. data protection laws and makes no specific statements regarding the GDPR for the EU/EEA. There is a lack of reliable information regarding EU data residency, mechanisms for transfers to third countries, data processing agreements (DPAs), subprocessors, the option to opt out of AI training, server locations, and security certifications.
Server Location
Not specified on the website. The only information available is that the service is operated and administered from offices in the United States.

– ★★★★★★★★★★ (0)

Link

Link

ⓘ“Industrialize Enterprise AI. Make Enterprise AI work.”

Celonis connects data from enterprise systems to create a dynamic, context-aware view of business processes. Companies can analyze workflows, identify causes of delays or policy violations, run simulations, and automate actions. AI capabilities such as Process Copilot, machine learning, predictions, and agent integration make process knowledge accessible through natural language and operational applications.Celonis

Industrialize enterprise AI. Make enterprise AI work.

8.1/10 | Very good

API Integration, Automation, Compliance Audit, Data Analysis, Data visualization, Financial Analysis, AI agents, Inventory Management, Risk Analysis, Trend Analysis

Free Celonis Free Plan
An officially promoted free option designed to help you get started with the platform and for limited process mining applications. Current self-service availability may be restricted based on your account or region and should be verified in advance. Subscription Custom Celonis Subscription
Enterprise contracts are based on platform scope, data volume, applications, users, processes, and support requirements; there is no public standard price list. Other Celonis Process Intelligence Platform Data Core, process data model, process mining, analytics, action and business apps, and integrations.

Process Copilot Natural language queries, process analytics, charts, summaries, and context-aware insights.

AgentC Suite for building, connecting, orchestrating, and governing AI agents with process context.

AI API / Intelligence API Integration of Celonis process knowledge and Copilot features into external applications, communication platforms, and agent systems.

Marketplace and Business Apps Preconfigured applications and process solutions for finance, supply chain, procurement, sales, manufacturing, and other areas.

Premium and Premier Plus Support Extended support, service, and maintenance models for mission-critical installations.

Consulting and Partner Services Implementation, process modeling, data integration, consulting, and industry-specific solutions provided by Celonis and its partners.

Celonis Academy Training and certification programs for users, analysts, developers, and implementation teams.

Location: Germany Celonis SE, Theresienstraße 6, 80333 Munich, Germany.

GDPR: Yes On its website, Celonis outlines several key components for GDPR-compliant use within the EU/EEA: a Privacy Notice, a linked General Terms and Conditions (GTC)/Data Processing Agreement (DPA), a linked list of subprocessors, technical and organizational measures, and statements regarding the EU region for European customer data. Regarding AI features, it is further specified that customer data is not used to train large language models and that fine-tuning is performed only with the customer’s explicit consent. This clearly demonstrates a practical approach to GDPR-compliant use within the EU/EEA.
Positive
Positive aspects include the Privacy Notice available on the website, the linked General Terms and Conditions (GTC)/Data Processing Agreement (DPA), the linked list of subprocessors, the linked Standard Contractual Clauses (SCCs) and Terms of Use (TOMs), as well as the statement that European customers’ data is generally hosted in an EU data center. For AI applications, Celonis also states that hosting takes place in the same region as the Celonis platform and that customer data is not used for training LLMs; fine-tuning is performed only with the customer’s explicit consent.
Negative
A limitation is that the website does not specify a particular member state or a specific EU data center address; it only states in general terms that European customer data is hosted in the EU. The website does not provide evidence of a complete, genuine on-premises deployment of the platform; the documented on-premises components primarily concern extractors and clients, while processing and orchestration run via cloud services. An explicit opt-out function via the UI for AI training is not described; instead, training is generally ruled out, and fine-tuning is contingent upon explicit consent.
Server Location
The website does not specify a concrete server location by country or city. It only states that Celonis uses Microsoft and Amazon hosting and that the hosting location of the customer database generally corresponds to the customer’s location; for European customers, this means a data center in the EU. For AI applications, the same region is specified as for the Celonis platform; thus, for EU hosting, the hosting is also in the EU.

– ★★★★★★★★★★ (0)

Link

Link

ⓘ“The secure AI ecosystem to boost your creativity and productivity.”

Mindverse is a German all-in-one AI platform for text, research, images, audio, video, internal knowledge bases, assistants, and automated workflows. It provides various AI models through a single interface and is designed for individual users, teams, and businesses. Higher-tier plans enable custom agents, processes, integrations, and team management.Mindverse

The secure AI ecosystem to boost your creativity and productivity

7.7/10 | Good

Automation, Image editing, Image generation, Image upscaling, Chatbot, Data Analysis, Data visualization, Chart creation, Document analysis, Email creation, AI agents, Market Analysis, Meeting Minutes, Paraphrase, Product Description, Research, Spell check, SEO, Social media content, Voice output, Speech recognition, Text generation, Transcription, Trend Analysis, Subtitling, Video generation, Advertising copy, Competitive Analysis, Knowledge Base, Summary

Free Trial Access / Start for Free Trial access with time or feature limitations; the current pricing page does not clearly indicate whether a permanent, free full plan is available. Subscription Content Suite Lite AI chatbot, text editor, document upload, and AI editing with a limited monthly request quota.

Content Suite Basic Text and image generation with an expanded request quota and limited AI image requests.

Content Suite Premium More extensive use with fair-use text generation and an increased image quota.

Content Suite Premium Plus Highest Content Suite quota, fair-use text generation, more images, and prioritized support.

Studio Starter AI chat, images, video, and Canva, unlimited internal knowledge, unlimited custom assistants, and Standard and Advanced models.

Studio Pro Starter features plus Expert and Sovereign models, custom agents, custom processes, and more than 500 integrations.

Studio Team Team sharing, role-based access, shared credit wallet, teams, and shared knowledge, assistants, agents, and processes. Other AI Credits Monthly credit for chat, models, images, videos, and other features; additional usage depends on the model.

Custom / Enterprise Custom AI environment with chat and voice bots, knowledge management, agents, workflows, API, integrations, branding, your own domain, and custom hosting.

Location: Germany Relativity GmbH, 25 Breite Straße, 13597 Berlin, Germany.

GDPR: Partly The website includes a privacy policy, names a data controller in Germany, and refers to data processors as well as potential transfers from the EU to third countries via standard contractual clauses. For the standard web application, hosting via AWS is specified with “Processing location: Germany.” At the same time, the website does not provide a publicly accessible subpage for the Data Processing Agreement (DPA), a publicly viewable list of subprocessors, a clear statement regarding the exclusion of AI training using customer data, or a reliable description of on-premises, self-hosting, or private cloud options. For use throughout the EU/EEA, GDPR-compliant use is therefore not clearly established by default, but only subject to certain conditions and following additional clarification with the provider.
Positive
Positive aspects include the existing privacy policy, the explicit inclusion of the EU and EEA in the legal text, the specified processing location of Germany for AWS in the web privacy policy, and several product pages featuring statements such as “Developed and hosted in Germany” and “GDPR-compliant”. Furthermore, it is explained that external entities may be designated as data processors and that a current list of these parties can be requested from the provider.
Negative
A negative point is that the website does not mention a publicly accessible process for concluding a Data Processing Agreement (DPA), does not link to a published list of subprocessors, and contains no clear assurance that prompts, uploads, chat histories, or outputs will not be used to train general models, and there is no robust documentation regarding EU data residency for all product areas. Furthermore, the TurboGPT privacy policy found on the domain indicates that data processing for an app also takes place in the U.S. via OpenRouter and Composio; this argues against a blanket “EU-only” classification for the entire ecosystem.
Server Location
The general web privacy policy lists “Processing location: Germany” for AWS. Product pages additionally state “Developed and hosted in Germany.” However, the TurboGPT privacy policy published on the same domain states: Firebase in the EU, OpenRouter in the United States, Composio in the United States, and Apple worldwide. A uniform server location for the entire tool is therefore not consistently or fully specified on the website.

– ★★★★★★★★★★ (0)

Link

Link

ⓘ“Engineering-Grade Agentic AI for Electrical Design Calculations.”

ELEK is a suite of professional calculation programs for electrical power systems. It covers, among other things, low-voltage cables, high-voltage cables, grounding systems, cable pulling, protection coordination, and other electrical engineering calculations. ELEK AI enhances selected applications with natural language, agent-based support and automated data extraction.ELEK AI

Engineering-Grade Agentic AI for Electrical Design Calculations

6.5/10 | Solid

Elektro-CAD, Schaltungsdesign

Free ELEK AI offers a free plan with a limited number of monthly credits. In addition, there are free calculators and trial options available. The full professional engineering products are not offered as permanently free full versions. An active, compatible product is required for AI calculations. Subscription ELEK AI Individual Personal access with a regular AI credit allowance for one person.

ELEK AI Team Shared credit allowance for multiple employees.

Cable Pro Web Cloud-based license with monthly or annual renewal. Other AI Credit Top-ups One-time additional credit packages; active subscription required.

PC Software Licenses Licenses for Cable High Voltage, SafeGrid, Cable Pulling, Protection Coordination, and Line Rate.

SELEK Power Bundle Bundle of multiple programs for electrical networks, cables, grounding, and protection calculations.

Network License Shared use of selected PC packages in larger or distributed teams.

Updates and Support Optional maintenance, update, and support services for PC software after the first year of licensing.

Location: Australia Electrotechnik Pty Ltd / ELEK Software, Suite 603, 234–242 George Street, Sydney NSW 2000, Australia

GDPR: Partly The website explicitly cites the GDPR as the applicable standard, describes the rights of data subjects in the EU, UK, and EEA, refers to international data transfers using SCCs, and states that third-party providers are bound by a DPA. However, for a robust assessment across the entire EU/EEA, the website lacks specific information regarding EU/EEA server locations, EU data residency, a DPA that can be concluded by the customer, a list of subprocessors, and self-hosting or on-premises options. Therefore, from an EU/EEA perspective, GDPR-compliant use appears possible only under certain conditions, but this is not clearly substantiated.
Positive
Positive aspects include the explicit reference to the EU GDPR, the mention of data subject rights for the EU, UK, and EEA, the commitment to international safeguards such as SCCs, the statement that third-party providers must sign DPAs, and the FAQ entry regarding ELEK AI, which specifies that third-party AI providers may not use customer data for model training.
Negative
On the negative side, the website does not specify a concrete server or data center location for ELEK AI, does not guarantee EU data residency, does not provide a list of subprocessors, no publicly accessible Data Processing Agreement (DPA) is available for customers, and no on-premises, self-hosting, or private cloud options are documented. Furthermore, according to the website, the provider is based in Australia, and the privacy policy explicitly states that recipients may also be located outside the EEA.
Server Location
Not specifically stated on the website. The Security Policy mentions AWS as the cloud service, but without specifying a region or the country where the data center is located. The privacy policy also states that third-party providers may be located outside of Australia and the EEA.

– ★★★★★★★★★★ (0)

Link

Link

KIFOX

Register your own AI tool

9.2/ 10

Listing on KIFOX – free, editorially reviewed, and with GDPR transparency that will win over your buyers.

FreeSubscriptionOther

Location: Germany

GDPR: Yes / Partly / ...

4,6★★★★★★★★★★111

Link

Link