EU Data Sovereignty

Sales conversation data belongs
in Europe. Stored in Germany.

Every training session reveals how your team sells, where it struggles, and which customers it mentions. sip.coach stores this data in Germany. Individual voice AI steps run through secured data processors, no training on your content, German-centric architecture.

German storage · GDPR Art. 15 & 17 · Works-council-friendly · DPA & EU Standard Contractual Clauses

Germany · EU Stored in Germany DE GDPR Art. 15 / 17 EU AI Act aligned Works Council compatible

Note: This page explains our data protection architecture as a decision-making resource. It is not a legal document. The legally binding Privacy Policy and Legal Notice are available on the corresponding pages. For works council and compliance discussions we provide a data privacy factsheet on request.

Why it matters

Training data is the most sensitive data in sales.

A recorded roleplay session reveals more about your business than any CRM row.

Content you never want exported.

Objection handling, pricing arguments, customer and competitor names mentioned in passing: a conversation recording is effectively a map of your sales strategy. On a US server, that is an avoidable risk.

Every rep is a named individual.

Each session is linked to a real person: how well someone sells is personal performance data. That makes data protection and co-determination a legal obligation, not an optional extra.

US tools don't shift the problem, they create it.

As soon as a US provider or US subsidiary has access, the CLOUD Act applies. For insurance companies, banks, and healthcare organizations in the DACH region, that typically rules them out.

Five guarantees

Data sovereignty that holds up under audit.

Not just promises, verifiable architecture decisions.

German data storage

Your conversation data, RAG knowledge base, and team dashboard are stored in Germany. Individual processing steps (voice AI) run through carefully selected data processors, secured by a Data Processing Agreement and EU Standard Contractual Clauses.

Storage location: German data center

GDPR Art. 15 & 17 implemented

Right of access and right to erasure are built into the app: one-click data export, full account and transcript deletion including anonymization of billing data in the ERP back-end.

Access · Export · Erasure

No training on your data

Your transcripts and uploaded documents are never used to train AI models. They serve solely to conduct the roleplay and calculate the deterministic score. After that, they remain yours.

No model repurposing

Works-council-friendly aggregated reporting

Manager reporting is aggregated: team leads see team trends and skill gaps, never individual transcripts or behavioral surveillance. No hidden performance monitoring: designed for co-determination.

Aggregated · No individual monitoring

German-centric architecture

sip.coach is operated by a German company; storage is in Germany. Third-country exposure is limited to the essential voice AI steps, secured by a Data Processing Agreement and EU Standard Contractual Clauses.

German company · German storage

EU AI Act aligned & auditable scoring

AI evaluates individual dimensions; aggregation into the overall score is deterministic, with self-consistency evaluation (3 scoring runs, median, disclosed scoring spread). This keeps the assessment fully auditable for compliance teams, auditors, and works councils.

Auditable · EU AI Act aligned
Where your data goes

The data flow: and where it ends up.

From spoken word to score, and where your data rests at the end.

01

You speak

Your voice is received as an audio stream and converted to text by the voice AI.

Voice AI (data processor)
02

AI responds

The AI persona replies with realistic objections; the voice output is streamed back via voice AI.

Voice AI (data processor)
03

Score calculated

AI evaluates the 5 dimensions; aggregation into the overall score runs deterministically server-side.

Evaluation
04

Stored & erasable

Transcript and score are stored in Germany: exportable (Art. 15), erasable (Art. 17).

Germany

Storage is in Germany. Individual processing steps (voice AI) run through carefully selected data processors, secured by a Data Processing Agreement and EU Standard Contractual Clauses.

How we compare

sip.coach versus US-based AI training tools.

The same mechanism, but a fundamentally different legal framework.

Data protection architecture comparison. "Typical US tool" refers to common US-based roleplay/coaching platforms.
Criterion sip.coach Typical US tool
Data storage In Germany Usually US data centers or "EU region" with US parent company
Third-country exposure Limited to voice AI, secured by DPA & EU Standard Contractual Clauses Often fully US-processed, US parent company
Training on customer data no Often reserved in terms of service
GDPR Art. 15 & 17 implemented in app On request, sometimes with deadlines
Works council / co-determination Aggregated reporting, no individual monitoring Individual transcripts often visible
Scoring logic AI dimension scoring, deterministic aggregation with self-consistency, fully auditable Often unconstrained LLM judgment without disclosed spread
Contracting party German company, German law US entity, often US jurisdiction

For a detailed look at how the auditable, reproducible score works, see Objective Scoring & Methodologies.

For decision-makers

The questions that always come up in rollout conversations.

Data protection officers, IT security, and works councils ask these first.

"What does a manager see in the dashboard?"

Managers see aggregated team metrics: score trends and the team's weakest dimensions; individual sessions remain private by default. The team dashboard is deliberately built for aggregated reporting rather than individual monitoring.

"Can we delete all the data?"

Yes. Through the right of access and erasure (Art. 15 / 17), employees can export or delete their account including all transcripts and scores. Deletion also covers anonymization of billing data in the ERP back-end.

"Does any of this end up in the US?"

Your data is stored in Germany. Individual processing steps (voice AI) run through specialized data processors, some with processing in the US, secured by a Data Processing Agreement and EU Standard Contractual Clauses. We limit third-country exposure to the essential voice AI steps.

"Is this permissible in insurance or banking?"

sip.coach was built for exactly these industries: German storage, third-country exposure limited to voice AI and secured by EU Standard Contractual Clauses, auditable reproducible scoring, aggregated reporting. We provide a data privacy factsheet on request for submission to data protection officers and works councils.

Frequently asked questions

GDPR & data sovereignty: answered concisely.

Your conversation data is stored in Germany. Individual processing steps, in particular the voice AI (speech-to-text, text-to-speech) and AI evaluation, run through carefully selected data processors, some of which are located in or process data in the US. These are secured by a Data Processing Agreement (DPA) and EU Standard Contractual Clauses.
No. Your conversation content, transcripts, and uploaded documents are not used to train AI models. They serve exclusively to conduct the roleplay session and calculate the deterministic score. Your content is never repurposed for model training.
Yes. sip.coach was built with works council co-determination requirements in mind. Manager reporting is aggregated: team leaders see team-level metrics and skill gaps; individual sessions remain private by default. The aggregation into an overall score is deterministic and therefore fully auditable. We provide a data privacy factsheet on request for co-determination and compliance discussions.
sip.coach is operated by a German company; conversation data is stored in Germany. Individual processing steps (voice AI) run through specialized data processors, some with locations or processing in the US, secured by a Data Processing Agreement and EU Standard Contractual Clauses. We deliberately use an German-centric architecture and limit third-country exposure to the essential voice AI steps.
Access (Art. 15) and erasure (Art. 17) are fully implemented in the app: you can export your data and delete your account including all transcripts and scores. Deletion also covers anonymization of billing data in the ERP back-end. The legally binding details are available in the Privacy Policy and Legal Notice.

Start today with 2 free training sessions, 4 weeks to try it.

No credit card. Setup in 2 minutes. GDPR-compliant with German data storage.

For teams of 5 or more: request a demo & data privacy factsheet