TRUST CENTER

Trust & Security

This page summarises how cloudstrata operates AI Foundry and related managed services for regulated buyers, procurement teams, and IT security reviewers. It covers data residency, compliance posture, subprocessors, availability commitments, and the architecture baseline we share during due diligence.

Last updated: July 2026. We review this page when our platform, subprocessors, or contractual commitments change.

Overview

cloudstrata GmbH is an Austrian company (Lichtenberg/Linz). We design and operate AI Foundry as a managed Kubernetes platform with tenant isolation, identity integration, auditability, and EU-first hosting options. Customer data is not used to train public foundation models without explicit agreement.

Data residency

Production AI Foundry tenants are deployed in EU regions by default. Hosting geography is agreed during onboarding and documented in the order or data processing agreement.

  • Platform control plane and customer workloads run on AWS, Google Cloud, or Microsoft Azure in EU regions (for example eu-west-1, europe-west*, westeurope) unless a customer explicitly requests another region.
  • Managed PostgreSQL and object storage for AI Foundry are provisioned in the same region as the tenant environment.
  • cloudstrata GmbH processes contractual and support data in Austria/EU. Backups follow the same regional constraints as the primary environment.
  • LLM inference may route to provider endpoints in the EU where available (for example Azure OpenAI in EU regions). When a customer selects a provider without an EU endpoint, prompts and responses may be processed in the provider's disclosed regions — this is documented per tenant.

Need a fixed EU-only routing profile or on-prem / private-cloud deployment? Contact us — we scope residency requirements in the scoping call and contract.

Compliance posture

We align platform design and operating practices with expectations from financial services, public sector, and GDPR-regulated organisations. Formal certifications depend on scope and contract; the baseline below applies to managed AI Foundry.

  • GDPR-aligned processing: data processing agreements (DPAs), subprocessors list (below), and support for data subject requests via office@cloudstrata.io.
  • EU AI Act alignment for AI-assisted features — see our AI Responsibility policy for human oversight, transparency, and risk handling.
  • Tenant isolation, RBAC, audit trails, and approval workflows built into AI Foundry — not bolted on after rollout.
  • Inherited controls from underlying cloud providers (for example ISO 27001, SOC reports on AWS, Azure, and Google Cloud infrastructure) where applicable to the chosen hosting stack.
  • Security questionnaires, architecture briefings, and custom contractual controls available for enterprise and regulated customers.

We do not claim certifications that do not apply to cloudstrata itself. If your procurement process requires specific attestations, ask — we will map what is covered by our operations versus our subprocessors.

Subprocessors

The table lists infrastructure and service providers that may process customer data when operating AI Foundry. Actual subprocessors depend on the chosen cloud region, LLM routing, and integrations enabled for your tenant.

Provider | Purpose | Typical processing location
Amazon Web Services (AWS) | Managed Kubernetes, compute, storage, networking, and observability for AI Foundry workloads | EU region selected for the tenant (for example eu-west-1)
Microsoft Azure | Managed Kubernetes, PostgreSQL, storage, networking; optional Azure OpenAI inference | EU region selected for the tenant (for example West Europe)
Google Cloud | Managed Kubernetes, compute, storage, networking; optional Gemini inference | EU region selected for the tenant (for example europe-west*)
OpenAI | LLM inference and embeddings when configured as a model provider | Provider regions disclosed by OpenAI; EU routing where available
Anthropic | LLM inference when configured as a model provider | Provider regions disclosed by Anthropic
Email delivery provider | Transactional email (account notifications, operational alerts) | EU / EEA

We notify customers of material subprocessor changes in line with our data processing agreements. For a tenant-specific subprocessor list, contact office@cloudstrata.io.

Availability & SLA

Managed AI Foundry is operated as production infrastructure — not a best-effort demo environment. Availability commitments depend on plan and contract.

  • Standard managed tenants: monthly platform availability target of 99.5% for the AI Foundry control plane and API endpoints, excluding agreed maintenance windows.
  • Enterprise agreements: customised SLA, maintenance windows, incident response times, and status communication — documented in the order form or SLA appendix.
  • Observability built in: health checks, alerting, and runbooks for the platform layer we operate; customer-specific SLOs can be agreed for critical agents.

Maintenance is scheduled outside business hours (CET/CEST) where possible and communicated in advance. For current incident communication or SLA excerpts, contact office@cloudstrata.io.

Security architecture overview

The summary below is intended for IT and security reviewers evaluating AI Foundry. A detailed architecture brief and network diagram are available on request under NDA.

  • Kubernetes-native deployment with namespace- or cluster-level tenant isolation, network policies, and secrets managed via the cloud provider or vault integration.
  • Encryption in transit (TLS 1.2+) for all external and inter-service communication; encryption at rest via the underlying cloud storage and database services.
  • Identity: SSO/SAML and SCIM integration with your IdP; role-based access control and approval workflows for agent deployment and data connections.
  • Auditability: inference and agent execution logs, configuration change history, and export options for compliance reviews.
  • Model routing layer with quotas, circuit breakers, and provider fallbacks — limiting blast radius when an upstream LLM degrades or fails.

We are happy to walk through data flows, backup/restore, and disaster recovery in a security review call. Technical depth matches what we operate daily — not marketing diagrams.

Security & procurement inquiries

For DPAs, subprocessor notifications, security questionnaires, or architecture reviews, email office@cloudstrata.io. We typically respond within two business days.
