Tinos.ai
Get started
European Union

Hosted in Europe

Tinos answers the phone on your behalf and keeps a record of every call. This data is sensitive: we have chosen to store it in the European Union and to contractually bind the processors that handle it.

Your data stored in the European Union

The core of Tinos — the database, authentication and file storage — runs on Supabase, configured in the EU region (Frankfurt). Accounts, call transcripts and captured appointments are therefore stored on infrastructure located in Europe.

  • Database & accounts — Postgres and authentication managed by Supabase, EU region (Frankfurt).
  • File storage — transcripts and recordings kept on the same European foundation.
  • Region locked — the EU storage region is locked when the Supabase instance is created and cannot be changed afterward.

Why Europe: transcripts are personal data

A phone call contains the caller’s name, their number, sometimes an address or a reason for their request. Its transcript is therefore personal data within the meaning of the GDPR. Locating this data in the European Union reduces exposure to international transfers and makes it easier to meet your obligations as well as those of your clients.

Voice processing and our processors

To make the agent speak, Tinos relies on specialized providers. We favor their European access points where they exist — voice transcription, for example, uses an EU endpoint.

In all honesty: certain occasional processing operations, such as language model inference, may go through infrastructure located outside the European Union. In that case, the transfer is not concealed: it is governed by the mechanism provided for by the GDPR (adequacy decision or standard contractual clauses together with an assessment of the safeguards). We prefer to describe the reality precisely rather than promise a “100% EU” chain that we could not keep.

An important point: hosting in Europe guarantees the localization of the data, not its full sovereignty. A provider subject to US law may, in theory, be subject to access requests from its authorities (CLOUD Act) even when the data is stored within the Union. We do not hide this and are working to reduce this exposure (encryption, minimization, choice of providers).

  • Processors under contract — the providers that access your data are bound by a data processing agreement (DPA) and act only on our instructions.
Back to homePrivacyContact us