AI security and compliance

One EU sub-processor for every model

Opper is the GDPR-compliant AI gateway, hosted in AWS Stockholm with EU data residency by default, zero data retention when you need it, and one DPA that covers every model you add.

Trusted by 50k+ developers and companies serving 10M+ users

Aixia
Evroc
GetTested
Instabridge
LexBox
Ping Payments
Steep
Svenska Bostäder

Challenge

Why is AI compliance so painful?

Using AI models directly means every provider becomes your problem: another sub-processor, another retention policy, another region, another review.

Every model is a new sub-processor

Each provider you integrate directly must be added to your sub-processor list, with a DPA amendment, customer notification, and a 30-day objection window before you can ship.

Unknown retention policies

Every provider retains prompts differently, some keep content for abuse monitoring, some publish no retention period at all, and your DPO has to chase each one.

Data leaves the EU by default

Most default endpoints process requests in the US, which makes transfer assessments, SCCs, and Schrems II analysis your problem for every single provider.

A security review per vendor

Five providers means five vendor assessments, five sets of terms, and five renewals, and the list grows every time a better model ships.

The Opper Way

One gateway, one DPA, your terms

Opper sits between your application and 300+ models, so security and compliance are solved once, at the gateway.

One sub-processor

Opper is your single AI sub-processor for 300+ models. Swap providers, test new releases, and add models the day they launch, all behind one DPA, while your sub-processor list stays one line long.

  • One DPA covers 300+ models
  • No amendments or objection windows
See the sub-processor list
Your sub-processor list:
Opper AI
AWS Stockholm, EU
One DPA
Handled behind Opper's DPA:
OpenAIAnthropicGoogleMistralMetaxAI+ every new model

Your data, your terms

No prompts stored by default, only the metadata that powers your analytics. Opper never trains on your data. Enable full tracing with the Control Plane when you want observability, or zero retention with Enterprise when you want nothing kept at all.

  • No prompts stored by default
  • Opper never trains on your data
Explore the Control Plane
What Opper stores by default:
Modelclaude-sonnet-4.6
Tokens1,847
Latency2.3s
Cost$0.0092
Prompt contentnot stored
Completion contentnot stored
Full tracing with Control Plane, zero retention with Enterprise

GDPR & EU data residency

The platform runs in AWS Stockholm, and EU routes keep inference in the EU end to end, so data stays in the EU unless you choose otherwise. A standard DPA and SCCs are available on request, ready for your legal review.

  • Hosted in AWS Stockholm
  • Standard DPA and SCCs
Browse EU-hosted models
Opper platformeu-north-1
AWS Stockholm, Sweden
Storage, traces, and analytics stay here
EU inference routes:
AWS Bedrock EUAzure EUGCP EUMistralBerget AI
Data leaves the EU only when you pick a route hosted elsewhere

Zero data retention

For workloads where nothing may be stored, Opper exposes zero data retention routes, where the provider keeps no prompts or completions after the response is served. ZDR availability is shown per model and provider, so picking a compliant route is a dropdown, not a procurement cycle.

  • ZDR routes across providers
  • Retention shown per model
Browse models with ZDR by default
Default routesAbuse monitoring only

Providers may retain content briefly for abuse monitoring, never for training.

ZDR routesZero data retention

The provider stores nothing after the response is served, on by default for some routes and via enterprise agreement for others.

ZDR status is listed on every model page in the directory

Infrastructure security

Data is encrypted with AES-256 at rest and TLS in transit, isolated per organization, and served from private VPC subnets, with encrypted backups and point-in-time recovery. The full technical detail is in the platform security overview.

  • AES-256 at rest, TLS in transit
  • Isolated data per organization
Read the technical security overview
Encryption at restAES-256, AWS KMS
Encryption in transitTLS
Data isolationPer organization
NetworkPrivate VPC subnets
BackupsEncrypted, point-in-time recovery

Live data

Data handling by provider

Region, zero data retention, and DPA status for the providers behind the gateway, straight from the model directory.

ProviderHostingZero data retentionTrains on your dataDPAModels
Google CloudEU + USEnterpriseNo47
AzureEU, MultiEnterpriseNo29
MistralEUEnterpriseNo29
AWS BedrockEU + USBy defaultNo24
BytePlusEU, MultiEnterpriseNo24
NebiusEU + USEnterpriseNo23
xAIEU + USEnterpriseNo20
BergetEUBy defaultNo17
GeoddEU/EEA + USBy defaultNo16
Alibaba CloudEUEnterpriseNo15
EvrocEUBy defaultNo12
InfercomEU + USBy defaultNo7
InceptronEUEnterpriseNo4
DoclingEUEnterpriseNo2
OpperEUEnterpriseNo1
DeepInfraUSEnterpriseNo126
NovitaUSEnterpriseNo126
OpenAIUSEnterpriseNo59
GeminiUSEnterpriseNo36
FireworksMultiEnterpriseNo17
falUSEnterpriseNo16
GroqUSEnterpriseNo11
AnthropicUSEnterpriseNo10
MorphUSEnterpriseNo6
PrunaUSEnterpriseNo5
CerebrasUSEnterpriseNo4
ElevenLabsUSEnterpriseNo4
PerplexityUSEnterpriseNo4
ArceeUSEnterpriseNo3
MiniMaxMultiEnterpriseSee provider page1
ReveUSEnterpriseNo1
NVIDIAUSEnterpriseNo

Zero data retention "By default" applies to all traffic on at least one of the provider's routes, "Enterprise" means it is available under an Opper Enterprise agreement. Route-level detail, including retention windows and training posture, is on each provider page, and the legally binding list is at /sub-processors.

FAQ

AI security & compliance FAQ

Is it GDPR-compliant to use OpenAI, Anthropic, or Google models?

+
It can be, and what matters is where the data is processed, what the provider retains, and whether your DPA covers the flow. Opper gives you EU-hosted routes for major models, acts as your single sub-processor, and provides a standard DPA with SCCs, so you can use frontier models while keeping processing in the EU and your paperwork unchanged.

What is zero data retention (ZDR)?

+
Zero data retention means the model provider does not store your prompts or completions after the request is served. On Opper, ZDR availability is shown per model and provider in the directory, some routes offer ZDR on all traffic and others through an enterprise agreement.

Do I need a DPA with every model provider?

+
Not when you route through Opper. You sign one DPA with Opper, and Opper maintains the sub-processor relationships with the model providers, so adding a new model does not require amending your DPA, notifying your customers, or waiting out a 30-day objection window.

Where is my data processed?

+
The Opper platform runs in AWS Stockholm, Sweden, and inference requests are processed in the region of the route you select. EU routes keep data in the EU end to end, and data only leaves the EU if you explicitly choose a route hosted elsewhere.

Does Opper store my prompts?

+
Not by default. Opper stores metadata like model, token counts, latency, and cost for your analytics, while prompt and completion content is not retained. You can enable full tracing with the Control Plane, and Enterprise plans offer zero retention.

Does Opper train on my data?

+
No, Opper never trains on your data. Provider-side training posture is documented per provider in the sub-processor list, which records that no listed model provider uses customer requests or responses to train its models by default.

How does Opper support EU AI Act, DORA, or NIS2 reviews?

+
Every call is logged with model, cost, latency, and policy decisions, and the Control Plane adds session replay, retention controls, budget caps, and model allowlists. That gives compliance teams the audit trail and documentation these reviews ask for.

What security and compliance documents can I get from Opper?

+
The standard Data Processing Agreement, the sub-processor list, and the platform security overview are published on opper.ai, Standard Contractual Clauses are available on request, and Enterprise customers can request tailored terms including zero retention.

Ship AI your DPO can sign off on

One EU sub-processor, EU residency, and a DPA that already covers your next model

Get startedRead the DPA