Q: Eta for GDPR
When do you think your setup will comply with privacy laws in Europe?
Alex_Skarbe
May 19, 2025A: Thanks for the thoughtful question, Victoria!
At Skarbe, data privacy and security are core to our infrastructure. All user data is stored using encrypted and access-controlled resources, ensuring strong protection both at rest and in transit.
Our data handling practices are fully aligned with GDPR requirements – including encryption, strict access controls, and support for user rights like access and deletion. These principles are detailed in our publicly available Data Privacy Agreement.
We’re committed to compliance and transparency. Let us know if you have any other questions!
Victoria_ErimitaPLUSSo just to check and be very specific - so you confirm that you are GDPR compliant? Use european servers? Can sign a DPA, and follow european laws when it comes to transcribing other people? ☺️
Mikita_SkarbeGreat follow-up, @Victoria_Erimita — happy to clarify point by point:
✅ GDPR Compliance: Yes, our practices are designed to be GDPR-compliant — including data minimization, access logs, encryption, and the right to request data deletion or export.
European Servers: Our infrastructure currently runs on Amazon AWS in the U.S.
However, GDPR does not require data to be stored in the EU as long as proper safeguards are in place — which we follow, including:
1. Standard Contractual Clauses (SCCs)
2. Encryption at rest and in transit
3. Strict access controls
+ we’re already exploring options to host both user data and LLM models within the EU
📝 DPA: Yes, we can sign a Data Processing Agreement (DPA) — just reach out to support@skarbe.com, and we’ll send it over.
🎙️ Transcription & Consent:
Skarbe always acts as the data processor — we never train models or share your data.
As the user (data controller), you’re responsible for obtaining participant consent.
Thanks again for your thoughtful questions — we take privacy seriously and are committed to being fully transparent and compliant!