Security & privacy

Your knowledge is your edge. We protect it.

Training videos carry what makes your company unique: internal processes, product knowledge, compliance content. Vidancy is built from the ground up so this content stays protected and under your control.

Start for freeBook a demo

At a glance

Security at Vidancy

Data stored and hosted in the EU.

Deletion concept with cleanly separated soft delete and hard delete.

Audit log for security-relevant and administrative actions.

Data Processing Agreement (DPA) and sub-processor list under the General Data Protection Regulation (GDPR).

Facts, not promises

Security you can verify.

EU

Data stored in Europe

Primary data lives in the EU (Frankfurt region) — where the GDPR applies and is enforced.

100%

Encrypted

All traffic is encrypted; customer data and uploads are also encrypted at rest.

0

AI training on your data

Your scripts, documents, and videos never train AI models — agreed contractually with every AI provider.

RLS

Separation at the database layer

Row Level Security (RLS) isolates each customer's data directly in the database — not just in the application.

Protection at every layer

Security here is architecture, not an add-on.

From hosting through every upload to the finished video: every layer of the platform is designed to protect your content — by default, with nothing for you to configure.

Hosted and backed up in the EU

Your data lives in a European data center (Frankfurt region) and is protected against outage and loss.

  • Encrypted automated backups on a daily, weekly, and monthly rotation.
  • Point-in-time recovery with a documented restore process.
  • Protection against denial-of-service attacks right at the network edge.

Strict separation of customer data

Multiple layers of protection interlock — a single mistake cannot expose data.

  • Access is denied by default and granted only on a least-privilege basis.
  • Customer separation is anchored in the database itself via RLS, so it applies to every access path.
  • No customer can access another customer's data.

Secure accounts and payments

Sign-in and billing follow the same standards as leading cloud services.

  • Short-lived, signed session tokens instead of permanent credentials.
  • Naturally, account credentials are stored only in hashed form.
  • Payments are handled by a certified payment provider — we never store card details.

Every upload is checked

Documents, images, audio: everything you upload is checked before it is stored — and afterwards served only through controlled paths.

  • Malware scanning and type validation for every uploaded file.
  • Media is reachable only through signed, short-lived links — never through public paths.
  • Sensitive data is kept out of logs.

AI with clear rules

Vidancy uses leading AI models — under commercial agreements that explicitly rule out training on your data.

  • All AI providers are transparently documented as sub-processors.
  • Naturally, access keys stay server-side and never reach the browser.

GDPR as the standard, not an appendix

Aivaro Technologies Ltd. operates Vidancy with documented processes for everything the GDPR requires — from the DPA to incident response.

  • Deletion concept with a clear split: soft delete with a recovery window, then final hard delete — within 30 days at most.
  • Security-relevant and administrative actions are recorded in an audit log.
  • A documented breach response process, aligned with the 72-hour notification duty.
Our promise

Your content belongs to you. Entirely.

We earn from your subscription — not from your data. Everything else follows from that.

  • No AI training. Your content never improves anyone else's models — with any provider, in any case.

  • Leave anytime. Deletion and export of your data — per user and per workspace, with no hurdles.

  • Full transparency. You always know who processes data for Vidancy — we announce changes in advance.

Documentation

Everything your privacy review needs.

For procurement, IT security, and data protection officers, we provide the relevant documents — written to be understood and kept up to date.

Security overview

A compact overview of hosting, encryption, access control, and operations — the fast entry point for any review.

Data Processing Agreement

DPA under Art. 28 GDPR — a binding agreement on how Vidancy processes data on your behalf.

Sub-processor list

Every service provider that processes data for Vidancy — with purpose, location, and legal transfer basis.

A short email to [email protected] is all it takes — you receive the documents directly from us.

Questions?

Talk to us directly.

Security questionnaire, approval process, or a detailed question: at Vidancy, the people who built the platform answer — no ticket queue.

Contact [email protected]Read privacy policy