Hosting in the EU
Dailypitch runs on Vercel in the Frankfurt region (fra1). The database is hosted by Neon, also in an EU data centre (Frankfurt). Generated decks, uploads and analytics stay in the EU region as far as we technically control it.
Encryption
All traffic is served exclusively over HTTPS (TLS 1.3), enforced via HSTS. Passwords are hashed with scrypt and never stored in clear text. Share links use unguessable tokens with 128 bits of randomness; decks can additionally be password-protected.
Subprocessors
- Vercel Inc. — hosting (Frankfurt region), DPA, EU-US DPF
- Neon Inc. — Postgres database (EU)
- Anthropic PBC — AI generation of deck content, DPA, no training on customer data
- Resend Inc. — transactional email, SCCs
- Stripe Payments Europe Ltd. — payment processing, DPA
DPA for business customers
A data processing agreement under Art. 28 GDPR is available on the Pro, Expert and Enterprise plans. Request it via contact@dailypitch.io or the contact form.
Recipient tracking
Recipient analytics (views, per-section reading time) are aggregated and collected without clear-text IPs. Every served deck carries a visible privacy notice linking to the privacy policy.
Reporting a vulnerability
Security contact: contact@dailypitch.io (see also security.txt).