How We Process Your Data
Sally AI acts strictly as a Data Processor, processing data only on your documented instruction, only for agreed purposes, and never for our own business interests.
What We Process
Prompts and comments entered directly in the product.
IP addresses, timestamps, system/meeting IDs, and log events.
If meeting features are enabled: audio/video and transcripts as defined in the DPA.
What We Never Do
Why We Process It
Providing the agreed service based on your documented instructions, fully GDPR-compliant under a signed DPA.
Troubleshooting and abuse prevention, carried out within the scope of our technical and organisational measures (TOMs).
Where It's Stored
German data centers at Hetzner. Until end of May 2026, alternative EU regions may still be used. After that, exclusively Germany. No third-country transfers, ever.
Store data in your own MS SQL database on-premises. Data never leaves your infrastructure.
Retention & Deletion
Data is retained only as needed for the agreed purposes, per your explicit instructions.
Audio pipeline artifacts and other transient data are automatically deleted after transcript creation, unless you have enabled recording storage.
Deletion or return within 30 days, with written confirmation as specified in the DPA.
Data Masking for AI
Before any data is sent to a large language model (LLM), all personally identifiable information is masked. Names, email addresses, and other identifiers are replaced with anonymized placeholders before content reaches the AI. The original data is restored only within our own secure infrastructure after processing.
Additionally, the Bring Your Own LLM option lets you configure Sally to use your organization's own language models exclusively, so no data ever leaves your infrastructure for AI processing.