Privacy, GDPR & sovereignty

Privacy questions answered by architecture, not by promises.

Almost every concern your privacy office, security team, or regulator will raise — GDPR scope, data processing agreements, residency, retention, operator access, sub-processors, breach response — is addressed by the deployment model itself: dedicated, region-pinned, and inside your boundary. Sovereignty is not a feature you toggle on; it is the default.

Core position

Fueld is a dedicated deployment, not a pooled multi-tenant SaaS. Your operating environment and your data are not mixed into a shared customer dataset, and they never become training material for anyone else's product.

What this gives you

A defensible answer to GDPR, UK GDPR, sectoral, and customer-driven data-handling questions — backed by an access boundary you control, a residency you choose, and an audit trail you can export.

Compliance posture

How sovereignty cashes out in practice.

Each of the items below is addressed by how the platform is built and deployed. They are commercial talking points; final wording for your DPA, ROPA, and security questionnaire should reflect the exact configuration you run.

GDPR & UK GDPR by design

Lawful basis, purpose limitation, data minimisation, accuracy, storage limitation, integrity, and accountability are embedded into the data model — not retrofitted. Data subject rights (access, rectification, erasure, portability, restriction, objection) are first-class operations.

Data Processing Agreement

A standard DPA is available with EU Standard Contractual Clauses and the UK International Data Transfer Addendum. Sub-processors are short-listed, transparent, and pinned to the deployment region you choose.

Data residency you choose

EU, UK, US, UAE, Singapore — or your own datacentre. Application data, backups, audit logs, and email artefacts stay inside the boundary you select. No silent regional replication.

Retention & verified deletion

Configurable retention windows per record type (inquiries, documents, audit, communications). Erasure requests produce a verifiable record, with cryptographic shredding applied to encrypted backups.

Operator access boundary

Fueld engineers have no standing access to your data. Break-glass support access is opt-in, scoped, time-boxed, customer-approved, and recorded in your audit log.

Audit & evidence

Append-only audit log of every read, write, send, approval, and configuration change. Exportable to your SIEM and to evidence packs for SOC 2, ISO 27001, and internal review.

Encryption everywhere

TLS 1.3 in transit, AES-256 at rest, with customer-held key options for cloud and on-prem deployments. Secrets isolated per tenant; nothing shared across customers.

No shared learning loop

No customer data is used to train shared models. The built-in LLM runs in-tenant. Telemetry is restricted to license validation and opt-in operational diagnostics.

FAQ

Privacy questions buyers ask first.

Who is the data controller, and who is the processor?

You are the data controller for the operating data inside your Fueld deployment. Fueld acts as a data processor only when you explicitly engage the managed offering, under a written DPA. Self-hosted deployments have no Fueld processor relationship at all.

How are international data transfers handled?

There are no transfers when the deployment runs entirely in your chosen region. Where managed support is in scope, EU SCCs and UK IDTA cover any cross-border processing, and the affected data is documented up front.

How do you support data subject access requests (DSARs)?

The platform provides search, export, rectification, restriction, and erasure operations against any subject identifier. Outputs are machine-readable so they can be returned to the requester directly.

What about backups and the right to be forgotten?

Backups are encrypted with per-deployment keys. On erasure, the live record is removed and the encrypted backup is cryptographically shredded according to a documented retention schedule, so restorations cannot resurrect deleted personal data.

Need the full DPA, sub-processor list, or a security questionnaire response? Reach out and we'll share the current pack aligned to your deployment region.
