"The essential AI stack for your company. Simple for business users. Ready for advanced use cases."
Langdock is an enterprise-focused AI platform with chat, agents, workflows, integrations, knowledge search, and API access.
Companies can use it to centrally roll out generative AI, search internal knowledge bases, build automations, and run their own AI applications on a shared platform. Langdock officially positions itself as a model-agnostic platform for secure AI adoption in the enterprise.
Langdock
The essential AI stack for your company. Simple for business users. Ready for advanced use cases
Location: Germany ⓘ Langdock GmbH, Greifswalder Str. 212, 10405 Berlin, Germany.
Business / Business Max Business offers standard limits; according to the docs, Business Max offers multiple times the usage limits for power users. Other Workflows Add-on Add-on for automations; Starter is included, Business offers higher execution volumes, Custom individual limits.
API Unified API for multiple models; Langdock charges a markup on model provider prices when using the API.
Enterprise Deployment Single-tenant SaaS, bring-your-own-cloud, or on-premise depending on company size and security requirements.
Target audience
Langdock is primarily aimed at companies that want to use generative AI in a controlled, secure, and broad way in everyday work. Typical target groups include IT and digital teams, knowledge workers, operations, internal enablement teams, and business units that work with documents, internal knowledge search, routine communication, or process automation. Thanks to its business and enterprise focus, SSO/SCIM, role models, API, and dedicated deployment options, Langdock is particularly interesting for SMEs, regulated companies, and large organizations.
Outstanding features
Particularly strong is the combination of model-agnostic AI chat, configurable agents, multi-step workflows, integrations, Company Knowledge, and API in one shared workspace. Companies can create their own knowledge folders, manage files programmatically, use models from different providers via a single interface or API, and, if needed, integrate their own keys or even their own models. Newer product developments such as Skills and Company Knowledge further expand the system with reusable instructions and centralized search across connected data sources.
Main use cases
Langdock is particularly suitable for company-wide AI assistants, internal knowledge search, document work, structured data extraction from texts, team-wide standardization of prompts/skills, and workflow automation with external systems. Through native and custom integrations, Langdock can incorporate information from tools such as Salesforce, Microsoft 365, Google Workspace, Slack, Jira, or Zendesk and process it further in agents or workflows. The API also allows custom applications, agents, and knowledge bases to be connected programmatically.
Usage & notes
Usage typically takes place in a workspace with roles, groups, and centralized admin settings. For productive B2B use, it should be determined in advance whether models will be operated via “AI Models Included” or BYOK, which integrations may be active, and whether only EU-suitable models should be permitted. For data protection and compliance scenarios, it is particularly important that certain “global deployment” models, according to Langdock, may process data worldwide; anyone with strict requirements should therefore verify model approvals, hosting variant, and AVV/DPA before rollout.
| Target audience | Assessment |
|---|---|
| SMEs / Teams | Very suitable – for secure company-wide AI access, chat, agents, internal knowledge sources, and workflows. |
| Large enterprises | Very suitable – Langdock is clearly designed for enterprise AI adoption, governance, EU hosting, and deployments in a company’s own infrastructure. |
| Privacy-conscious EU companies | Very suitable – due to EU deployment, DPA, ISO 27001, SOC 2 Type II, and the no-training statement. |
| Developers / IT teams | Very suitable – for Unified API, Agent API, Knowledge Folder API, embeddings, workflows, and BYOK. |
| Private individuals | Rather unsuitable – Langdock is geared toward organizations and enterprise rollout, not individual users. |
Hosting & Data
1) On-prem / local hosting
Meaning: The company operates the solution on its own hardware or within its own infrastructure. In the strictest sense, not only the application runs locally, but ideally the model as well.
2) Private cloud / data center
Meaning: The solution runs in a dedicated or more clearly separated cloud environment, often with a hosting provider or hyperscaler, but in a German data center or in a particularly controlled environment.
3) EU SaaS / managed
Meaning: The provider operates the solution itself as a service. The company uses the tool as a ready-made cloud service, ideally with EU data residency.
4) Hybrid
Meaning: One part of the processing remains internal / local / in a private cloud, while another part runs in an external cloud or EU SaaS.
5) AVV / DPA
Meaning: This is the data processing agreement or Data Processing Addendum. It governs that the provider processes personal data on behalf of the customer and is bound by the customer's instructions.
6) No training
Meaning: The provider does not use your prompts, uploads, attachments, chat histories, or outputs for training or improving the general model — ideally excluded by contract.
7) Open-source / transparency path
Meaning: There is a path toward greater technical transparency and sovereignty, for example through:
- open models
- documented components
- self-hostable parts
- traceable architecture
- export / switching options
| On-prem / local hosting | ✅ |
| Private cloud / data center | ✅ |
| EU SaaS / Managed | ✅ |
| Hybrid | ⚠️ |
| DPA / AVV | ✅ |
| No training on customer data | ✅ |
| Open source / transparency path | ❓ |
On-prem / local hosting: supported
On the security page, “On-premise: Hosting on custom Kubernetes setups via Helm charts” is mentioned. It also states that organizations can run Langdock on their own infrastructure.
Private Cloud / Data Center: Covered
Langdock lists “Single-tenant SaaS: Dedicated deployment managed by Langdock” as well as “Bring your own cloud: Dedicated deployment in your own cloud.” This covers dedicated or isolated cloud environments.
EU SaaS / Managed: Covered
The website lists “Multi-tenant SaaS: Hosted via Microsoft Azure on servers inside the EU” as well as “EU hosting: The application and most models (configurable) are hosted entirely in the EU.”
Hybrid: partially
An explicit hybrid operating model is not described as a separate term. Given “bring your own cloud,” on-premises options, integrations, a proprietary vector database, and configurable model locations, a hybrid setup is implied but not fully specified on the website.
TOS / DPA: Covered
A TOS/DPA is directly available on the website. The Enterprise page also explicitly states that Langdock offers a DPA.
No Training: Covered
The Privacy Policy explains that content is processed exclusively for the purpose of providing contractual services and is not used for training AI models. The Security page reiterates that customer data is never used to train or improve AI models.
Open Source / Transparency Path: Indirect / Not Available
No clear proof of open source or a list of open-source components was provided on the Langdock pages found. However, there is a transparency and sovereignty path via self-hosting, a private cloud, export functions in the General Terms and Conditions, and the option to use one’s own infrastructure.
Data Processing
For users in the EU/EEA, it is important to note that Langdock documents EU hosting for its SaaS offering and specifies in the General Terms and Conditions (AVV) that the processing of customer data generally takes place within the EU or the EEA. At the same time, the AVV notes that transfers to third countries are possible if the controller actively enables a model with a server location outside the EU. Thus, the specific GDPR situation depends in part on the chosen model and deployment configuration. For maximum control, Langdock specifies dedicated deployments, its own cloud, and on-premises solutions.
Conclusion
Based on its own website, Langdock appears well-positioned across the entire European region: EU/EEA-oriented data processing, the AVV, documented subprocessors, EU SaaS, dedicated deployments, on-premises solutions, and clear “no training” statements all strongly support GDPR-compliant use. The strongest point is that Langdock offers not only standard SaaS but also its own cloud and on-premises options. Limitation: According to the Terms of Service, users who deliberately activate models with servers located outside the EU open the door to transfers to third countries.
Sources
| On-prem / local hosting | ✅ |
| Private cloud / data center | ✅ |
| EU SaaS / Managed | ✅ |
| Hybrid | ⚠️ |
| DPA / AVV | ✅ |
| No training on customer data | ✅ |
| Open source / transparency path | ❓ |
On-prem / local hosting: supported
On the security page, “On-premise: Hosting on custom Kubernetes setups via Helm charts” is mentioned. It also states that organizations can run Langdock on their own infrastructure.
Private Cloud / Data Center: Covered
Langdock lists “Single-tenant SaaS: Dedicated deployment managed by Langdock” as well as “Bring your own cloud: Dedicated deployment in your own cloud.” This covers dedicated or isolated cloud environments.
EU SaaS / Managed: Covered
The website lists “Multi-tenant SaaS: Hosted via Microsoft Azure on servers inside the EU” as well as “EU hosting: The application and most models (configurable) are hosted entirely in the EU.”
Hybrid: partially
An explicit hybrid operating model is not described as a separate term. Given “bring your own cloud,” on-premises options, integrations, a proprietary vector database, and configurable model locations, a hybrid setup is implied but not fully specified on the website.
TOS / DPA: Covered
A TOS/DPA is directly available on the website. The Enterprise page also explicitly states that Langdock offers a DPA.
No Training: Covered
The Privacy Policy explains that content is processed exclusively for the purpose of providing contractual services and is not used for training AI models. The Security page reiterates that customer data is never used to train or improve AI models.
Open Source / Transparency Path: Indirect / Not Available
No clear proof of open source or a list of open-source components was provided on the Langdock pages found. However, there is a transparency and sovereignty path via self-hosting, a private cloud, export functions in the General Terms and Conditions, and the option to use one’s own infrastructure.
Data Processing
For users in the EU/EEA, it is important to note that Langdock documents EU hosting for its SaaS offering and specifies in the General Terms and Conditions (AVV) that the processing of customer data generally takes place within the EU or the EEA. At the same time, the AVV notes that transfers to third countries are possible if the controller actively enables a model with a server location outside the EU. Thus, the specific GDPR situation depends in part on the chosen model and deployment configuration. For maximum control, Langdock specifies dedicated deployments, its own cloud, and on-premises solutions.
Conclusion
Based on its own website, Langdock appears well-positioned across the entire European region: EU/EEA-oriented data processing, the AVV, documented subprocessors, EU SaaS, dedicated deployments, on-premises solutions, and clear “no training” statements all strongly support GDPR-compliant use. The strongest point is that Langdock offers not only standard SaaS but also its own cloud and on-premises options. Limitation: According to the Terms of Service, users who deliberately activate models with servers located outside the EU open the door to transfers to third countries.
Sources
Strengths & weaknesses at a glance
| Strengths | Weaknesses |
|---|---|
| – Broad feature set: chat, agents, workflows, integrations, knowledge search, and API in one platform. | – Contractually not intended for consumers; focus clearly on B2B. |
| – Model-agnostic, with BYOK and a unified API for multiple model providers. | – No permanent free version, only a 7-day trial period. |
| – Strong enterprise focus: SSO, SCIM, roles, analytics, data retention, static IPs, audit/governance features. | – Workflows incur additional usage-based AI costs; the API is also token-based. |
| – Good security positioning: ISO 27001, SOC 2 Type II, EU hosting, no training on customer data. | – Dedicated/private/on-prem deployments are only relevant for larger organizations. |
| – Flexible deployment options from multi-tenant SaaS to on-prem. | – GDPR assessment depends on the specific model choice; with “global deployments,” third-country transfers are possible. |
Reviews
0 reviews in total
There are no confirmed reviews for this tool yet.
Submit review
Your review will only become visible after email confirmation. This protects the portal against abuse.
Report review
Please select the reason why this review should be checked.
GDPR-compliant usage possible?
On its website, Langdock provides several clear building blocks for GDPR-compliant use throughout the EU/EEA: T&Cs/Privacy Policy, processing predominantly within the EU or EEA, EU hosting for multi-tenant SaaS, dedicated deployment options, self-hosting or on-premises, and statements regarding “no model training.” Since hosting on the customer’s own infrastructure and “bring your own cloud” are also explicitly offered, a straightforward path to GDPR-compliant use within the EU/EEA context is documented. One limitation is that, according to the AVV, data transfers to third countries are possible if the customer actively activates an LLM with a server location outside the EU.
Positive
Positive aspects include the available AVV/DPA, the statement that the processing of customer data generally takes place within the EU or an EEA member state, EU hosting of the multi-tenant SaaS, self-hosting and “bring your own cloud,” the documented list of subprocessors, “no model training” for customer data, and the mentioned ISO 27001 and SOC 2 Type II certifications.
Negative
A negative or limiting aspect is that the website does not guarantee that all processing will exclusively take place within the EU/EEA for every conceivable model configuration. The General Terms and Conditions of Service explicitly state that transfers to a third country are possible at the direction of the controller, for example, if an LLM with a server location outside the EU is activated. Furthermore, no clear, detailed evidence regarding open-source components was found on the website.
Server Location
The website states that the multi-tenant SaaS is hosted on servers within the EU via Microsoft Azure. It also states that the processing of customer data generally takes place within the European Union or a member state of the EEA. The list of subprocessors in the General Terms and Conditions (AVV) includes Microsoft Ireland Operations Limited, which processes data within the EU for hosting and Azure LLMs, as well as Amazon Web Services EMEA SARL, which processes data within the EU for AWS LLMs.