GDPR & Data Processing

1. GDPR commitment

Thinkn aims to process personal data in line with the General Data Protection Regulation (GDPR) and applicable Belgian privacy law. Privacy and data minimisation are considered in the setup of websites, business software and hosting environments.

2. Hosting location

Thinkn's primary hosting setup is European. Production workloads are currently hosted on Hetzner infrastructure in Falkenstein, Germany. DNS, proxying and security services are provided through Cloudflare. Backups are stored with OVHcloud in the Frankfurt region.

3. Data processing agreement

For client projects where Thinkn acts as processor on behalf of a customer, a data processing agreement (DPA) can be provided as part of the commercial agreement or on request before go-live.

4. Security measures

• European infrastructure by default for hosting and backups
• Access control limited to what is needed for service delivery and support
• Backups stored separately from the primary environment
• Use of security and traffic filtering services where appropriate

5. Sub-processors

An up-to-date list of core infrastructure sub-processors is available on the sub-processors page.

6. Contact

Questions about data processing or a project-specific DPA can be sent to yves@thinkn.eu.