Security & GDPR

EU-hosted, GDPR-first, built in Stuttgart. No BSP intermediaries on messaging. Transparent about every sub-processor we rely on.

Where your data lives

All customer data — messages, contacts, AI metadata — lives in Google Cloud Firestore europe-west1. Secrets live in GCP Secret Manager (same region). File attachments live in Firebase Storage europe-west3. No US fallback.

Encryption

In transit: TLS 1.3. At rest: AES-256 via Google-managed keys. Channel credentials (tokens, API keys, signing keys) are stored separately from the channel docs that reference them.

Sub-processors

The third parties Multivara uses to deliver the service. Each signs a standard DPA and is listed here.

Google Cloud (Firestore, Secret Manager, Storage)
Primary infrastructure — europe-west1 region, EU-resident.
Firebase Authentication
Workspace sign-in via Google OAuth.
Anthropic (Claude API)
AI copilot + summaries. EU data-processing terms signed; no training on customer data.

Channel providers

Multivara connects to messaging providers on your behalf. How your data flows depends on which channel you enable. Multivara is not a messaging-provider aggregator (BSP) — we connect you directly to each provider using credentials you own.

EU data residency · signed DPA

First-class providers. Data stays within the EU; the provider signs a standard data-processing agreement.

Channel	Data residency	DPA
Instagram DM	EU	Signed
Messenger	EU	Signed
SMS	EU	Signed
WhatsApp	EU	Signed

Tenant-controlled

You own the credentials and the underlying data store. Multivara relays messages; you decide where the system of record lives.

Channel	Data residency	DPA
Email	Tenant-controlled	Tenant-direct

Third-country · tenant-direct

The provider has no EU data residency and no standard DPA with us. Multivara does not add these as sub-processors — your tenant contracts directly with them, and your privacy notice must disclose the transfer. We surface an explicit warning in the connect flow.

Channel	Data residency	DPA
Gmail	Third country	Signed
Outlook	Third country	Signed
Telegram	Third country	Tenant-direct

Retention & deletion

Messages and conversations are retained until the tenant deletes the workspace. Drift-event audit docs auto-expire within 24 hours via Firestore TTL. Individual conversation retention limits are on the roadmap.

Questions?

Email privacy@multivara.com or reach the founder directly on LinkedIn.