Regingada Trust Center
We hold no SOC 2 and no ISO certificate. This page shows what we actually do — and what we deliberately don't.
Posture at a glance
| Area | Where we stand |
|---|---|
| Data residency | EU production residency is the target (Frankfurt): a goal, not yet live. The core tool runs in your browser either way. |
| Hosting | Vercel (Vercel Inc., USA) — static hosting/CDN for this site and the product files, deployed from GitHub. Listed in the subprocessor table below. |
| AI processing | Opt-in only. Requests go through a Cloudflare Worker proxy to Anthropic (Claude). No AI request leaves the browser without your explicit action. |
| Accounts required | None. The suite has no login. |
| Tracking / ads | None. No analytics vendor, no ad network, no CRM pixel — on the product and on this site. |
| Core data model | Local-first: profile and settings live in your browser (LocalStorage). The core tool has no server-side persistence. |
Data we touch — and data we don't
- ✓ Funnel inputs — transient, purpose-bound, only when you submit them
- ✓ Functional browser storage only (LocalStorage: language, theme, profile)
- ✗ Payment data — never collected
- ✗ Health data — never collected
- ✗ Tracking cookies — none
- ✗ Profiling / behavioral scoring — none
What exactly sits in your browser
| Item | Where it lives |
|---|---|
| Language | Your UI language (EN/DE). Never leaves the browser. |
| Theme | Light/dark preference. Never leaves the browser. |
| Profile | Your self-assessment profile. Leaves the browser only as part of a submission you actively trigger. |
| Deleting | One click in the suite's settings — or your browser's site-data controls. No request to us needed; we could not delete it for you even if asked, because we never hold it. |
By default the Regingada Compliance Suite frontend loads zero external resources — open your own DevTools network tab and verify it. Network paths open only on your action: the opt-in AI request, a deliberate funnel submission, and — if you use them — the contact form (Zoho Forms, EU) or the RaaS inquiry form (Formspree, USA, on consent).
How data flows — the whole picture
Your browser — the default boundary
The Regingada Compliance Suite runs entirely here. LocalStorage holds language, theme and profile. Zero external loads at boot.
↓ data crosses this line only on your action ↓
Browser → Cloudflare Worker → Anthropic (Claude)
Only what you type, only after consent. Not stored by us.
Browser → artifact service → DRAFT artifact
Transient processing; the artifact expires automatically — deleted after 14 days at the latest (current default).
Browser → Zoho Forms (EU) → office@regingada.com
Only if you use the contact form. EU-hosted, delivered internally Zoho→Zoho — no third-country transfer.
Browser → Formspree (USA) → Kanzlei Theo Funk
Only if you submit the RaaS form and tick consent. Third-country transfer on Art. 49(1)(a) GDPR consent.
The software ↔ mandate boundary, explained
Software output is a DRAFT and is not legal advice. FINAL exists only after you engage Kanzlei Theo Funk under a separate mandate and a lawyer has reviewed the matter. This is not small print — it is the architecture.
Regingada Compliance Suite — Regingada UG (haftungsbeschränkt)
- Regime: GDPR + RDG (structured self-assessment, decision support)
- No mandate, no legal advice, no professional-secrecy claim
- Output: DRAFT artifacts, visibly labeled
Kanzlei Theo Funk
- Regime: § 203 StGB + BORA/BRAO professional secrecy
- Protected by professional secrecy once you become a client
- Output: FINAL artifacts after lawyer review
Why the boundary protects you
- No pseudo-advice: the software never pretends to be your lawyer.
- A clear liability address in every phase — software company or law firm, never a blur.
- The mandate handoff is a deliberate, documented act — no silent server coupling between product and firm.
Controls — self-assessed, verifiable in code
We run no continuous-monitoring product, so you will find no green “Passing” theater here. Each control is stated as a fact, labeled honestly, and reviewed manually. Frontend controls you can verify yourself in DevTools; for server-side controls we share the relevant code excerpts on request by email.
Data minimization
- The suite requires no account; no user database exists for the public product.
- No third-party trackers, analytics or advertising scripts are embedded.
- Funnel inputs are processed for the stated purpose only and are not reused.
Transport & access
- API authentication fails closed: if the server-side token is missing or empty at deployment, the endpoint answers HTTP 503 to every request rather than degrading into an open endpoint.
- The lawyer-only endpoint (DRAFT→FINAL flip) is bearer-token-protected and rejects empty credentials.
- CORS origins are an explicit allowlist set via environment configuration; credentials are not shared cross-origin.
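The three transport controls above, written out as an added example (this is illustrative code, not the Regingada service's own implementation). It is a fetch-style handler for the lawyer-only DRAFT→FINAL endpoint; the names `env.LAWYER_TOKEN` and `env.ALLOWED_ORIGINS` (comma-separated) are assumptions, and requests are modelled as plain `{ method, headers }` objects with lowercase header names so the code runs anywhere.

```javascript
// Added example, not the Regingada code. Assumed names: env.LAWYER_TOKEN,
// env.ALLOWED_ORIGINS. Requests are plain { method, headers } objects.

// Constant-time byte comparison: no early exit on the first differing byte.
// Only the length check short-circuits, and the expected length is fixed by
// the token format, so that is acceptable here.
function safeEqual(a, b) {
  const ab = new TextEncoder().encode(a);
  const bb = new TextEncoder().encode(b);
  if (ab.length !== bb.length) return false;
  let diff = 0;
  for (let i = 0; i < ab.length; i++) diff |= ab[i] ^ bb[i];
  return diff === 0;
}

// Explicit allowlist from the environment. The Origin is reflected only when
// it is listed; there is no "*" and no Access-Control-Allow-Credentials, so
// cookies or auth headers are never shared with an unlisted origin.
function corsHeaders(originHeader, env) {
  const allowed = String(env.ALLOWED_ORIGINS || '')
    .split(',').map(s => s.trim()).filter(Boolean);
  if (!originHeader || !allowed.includes(originHeader)) return {};
  return {
    'Access-Control-Allow-Origin': originHeader,
    'Vary': 'Origin',
    'Access-Control-Allow-Methods': 'POST, OPTIONS',
    'Access-Control-Allow-Headers': 'Authorization, Content-Type',
  };
}

function handleFinalize(req, env) {
  const cors = corsHeaders(req.headers.origin, env);
  if (req.method === 'OPTIONS') return { status: 204, headers: cors, body: '' };

  // Fail closed: a deployment that forgot to set the secret answers 503 for
  // every request, instead of degrading into an endpoint anyone can call.
  const expected = env.LAWYER_TOKEN;
  if (typeof expected !== 'string' || expected.length === 0) {
    return { status: 503, headers: cors, body: 'endpoint not configured' };
  }

  // A missing header, "Bearer" with nothing after it, or a mismatch all end here.
  const match = /^Bearer (\S+)$/.exec(req.headers.authorization || '');
  if (!match || !safeEqual(match[1], expected)) {
    return { status: 401, headers: { ...cors, 'WWW-Authenticate': 'Bearer' }, body: 'unauthorized' };
  }
  return { status: 200, headers: cors, body: JSON.stringify({ state: 'FINAL' }) };
}

// Usage: handleFinalize({ method: 'POST', headers: { authorization: 'Bearer <token>',
//   origin: 'https://app.example' } }, { LAWYER_TOKEN: '<token>', ALLOWED_ORIGINS: 'https://app.example' })
```

The point of 503 rather than 401 for the unconfigured case is that it is an operations signal: no request can be authenticated until the secret is set, and none is processed in the meantime. Bad credentials get 401. In Node the same constant-time job is done by `crypto.timingSafeEqual`; the hand-written loop is here only so the block has no runtime dependency.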
Artifact security
- Download identifiers carry 128 bits of randomness; guessing or enumerating a valid identifier is computationally infeasible.
- Malformed identifiers are rejected before any file access: the service answers 404 before the filesystem is consulted, so no path is built from unvalidated input.
- The identifier format check used when serving a download and the filename allowlist used by the retention sweep are the same pattern, kept in lockstep, so every artifact the service can serve is one the sweep can delete once it expires.
Retention
- Generated artifacts expire automatically — after 14 days at the latest (current default) — and an automated sweep deletes expired files.
- AI conversations are not stored by us; profile data stays in your browser until you delete it.
Frontend isolation
- The Regingada Compliance Suite frontend performs zero external loads at boot and is offline-capable; network traffic occurs only for opt-in AI requests and deliberate funnel submissions.
- Fonts, icons and data ship inside the application — no CDN dependency.
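The "open DevTools and verify it" check from above, expressed as an added example function over Resource Timing entries so it can be pasted into a console or run under a test (illustrative code, not part of the Regingada frontend). The sample entries are constructed; `auditLoads` is an assumed name. In a real page the input is `performance.getEntriesByType('resource')` and the origin is `location.origin`.

```javascript
// Added example, not the Regingada code. Classifies Resource Timing entries
// by origin; any entry outside the page's origin is reported as external.
// Browser usage: auditLoads(performance.getEntriesByType('resource'), location.origin)

function auditLoads(entries, pageOrigin) {
  const report = { sameOrigin: 0, inline: 0, external: [] };
  for (const e of entries) {
    // data: and blob: URLs never hit the network; count them separately.
    if (/^(data|blob):/i.test(e.name)) { report.inline += 1; continue; }
    let origin;
    try {
      origin = new URL(e.name).origin;
    } catch {
      report.external.push({ url: e.name, type: e.initiatorType, origin: 'unparseable' });
      continue;
    }
    if (origin === pageOrigin) report.sameOrigin += 1;
    else report.external.push({ url: e.name, type: e.initiatorType, origin });
  }
  return report;
}

// True only when nothing was fetched from another origin during the window observed.
function isIsolated(report) {
  return report.external.length === 0;
}

// Constructed sample: a clean boot (fonts and icons bundled, an inline SVG),
// then the same boot with one third-party font stylesheet leaking in.
const cleanBoot = [
  { name: 'https://regingada.com/app.js', initiatorType: 'script' },
  { name: 'https://regingada.com/fonts/inter.woff2', initiatorType: 'css' },
  { name: 'data:image/svg+xml;base64,PHN2Zz48L3N2Zz4=', initiatorType: 'img' },
];
const leakyBoot = [
  ...cleanBoot,
  { name: 'https://fonts.googleapis.com/css2?family=Inter', initiatorType: 'link' },
];
```

Two caveats a practitioner should keep in mind. First, this observes what actually loaded: it proves the boot was clean, not that a later user action stays on-origin, so run it again after exercising the AI opt-in and the funnel submission and compare against the flows listed above. Second, the buffer is capped (the browser drops entries once the resource timing buffer fills, 250 by default), so call `performance.setResourceTimingBufferSize` early or check `performance.getEntriesByType('resource').length` against what the Network tab shows.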
The entire list
| Vendor | Purpose · what flows | Region |
|---|---|---|
| Vercel Inc. | Static hosting/CDN — serves this site and the static product files, deployed from GitHub. No funnel documents or AI data pass through it. | USA-based vendor (global edge) |
| Cloudflare | Worker proxy for AI requests — carries opt-in AI prompts only, no funnel documents. | Global edge (USA-based vendor) — SCC/DPA |
| Anthropic PBC | Claude — answers for the opt-in AI assistant only. Nothing flows without your explicit consent and action. | USA |
| Zoho Corporation B.V. | Contact form (Zoho Forms) and company email (Zoho Mail). Contact-form submissions are delivered internally Zoho→Zoho to office@regingada.com. | EU (Netherlands) — no third-country transfer |
| Formspree, Inc. | Technical delivery of RaaS wizard inquiries to Kanzlei Theo Funk — only when you submit the form and tick the consent box. | USA — transfer on Art. 49(1)(a) GDPR consent |
That is the entire list. No analytics vendor, no ad network, no CRM pixel.
AI-provider safeguards: Zero-Data-Retention is active for the Anthropic account used (confirmed 2026-06-17). Anthropic's data-processing agreement (AVV/DPA) including the EU Standard Contractual Clauses is in force via Anthropic's commercial terms, so the opt-in AI transfer to the USA is covered by the SCCs (Art. 46(2)(c) GDPR). AI features remain strictly opt-in and clearly labeled.
View, or request by email
No portal, no NDA modal, no access tiers. Public documents open directly; sensitive ones are a short email away — answered by the lawyer, not a ticket queue.
The questions procurement actually asks
Is the Regingada Compliance Suite legal advice?
What happens to my funnel inputs?
What does the AI see, and when?
Where is data stored?
How long is anything retained?
Who is the controller?
How does the mandate handoff work?
Why no SOC 2?
What happens if there is a security incident?
How do I report a vulnerability?
Security changelog — real entries, real dates
Cadence over volume: few entries, each one true. Completed roadmap items from “What we don't have (yet)” land here with a date.
Trust Center brought up to date with the live state
Hosting (Vercel), the subprocessor list (added Zoho Forms/EU and Formspree/USA), the AI-provider status (zero-data-retention active) and the data-flow diagram were updated to match the live deployment and the privacy policy.
Contact channels added: contact form + RaaS inquiry
A contact form (Zoho Forms, EU-hosted, delivered to office@regingada.com) and the RaaS wizard's inquiry form (delivered to Kanzlei Theo Funk via Formspree, USA, on explicit consent) went live. Both are now listed as subprocessors.
Public launch on Vercel
regingada.com went live, served statically by Vercel with GitHub auto-deploy. Vercel is now listed in the subprocessor table.
AI provider Zero-Data-Retention activated
Anthropic confirmed zero-data-retention for the account used by the opt-in AI assistant. The data-processing agreement (AVV/DPA) including the EU Standard Contractual Clauses applies via Anthropic's commercial terms, so the USA transfer is covered by Art. 46(2)(c) GDPR.
Trust Center published
First publication of this page. Posture, controls and subprocessor list self-assessed as of this date.
Download identifiers hardened to 128-bit entropy
Artifact download IDs moved from 32 to 128 bits of randomness; malformed identifiers are now rejected before any file access; the retention deletion allowlist was updated in lockstep.
API auth fail-closed; CORS allowlist via environment
A deployment path that could leave the lawyer endpoint with an empty token was closed: empty token now returns 503 (fail-closed). CORS origins moved to an explicit environment allowlist.
Want update notices? One email, no newsletter tool, no new data flow: request updates by email.
What we don't have (yet)
Absence stated openly, with a dated status — not a hidden gap. Every finished item moves to the Updates feed with a date.
Certifications (SOC 2 / ISO 27001)
Under evaluation — a sober cost/benefit question for a single-product firm whose architecture minimizes data in the first place.
EU production residency
Target: Frankfurt region for all server-side features. Tracked as a roadmap milestone; completion lands in the Updates feed.
External penetration test
Planned. The executive summary will be published on this page — findings status included.
Talk to a person, not a portal
| Topic | Detail |
|---|---|
| Responsible | Theo Funk, Rechtsanwalt (Rechtsanwaltskammer Bamberg) |
| Security contact | office@theofunklaw.com |
| What to report | Vulnerabilities in the Regingada Compliance Suite, this website, the public API or the embed widget — with steps to reproduce if possible. |
| What we commit to | Acknowledgment of your report, a serious look at every good-faith submission, and no legal action against good-faith security research. |
| Machine-readable contact | security.txt (RFC 9116) at /.well-known/security.txt — the same contact, machine-readable. |