Five questions we get every week from security and procurement teams.
Where does BLUN · Mailing data live?
All sending and storage runs on EU-hosted servers in Germany. Primary in Nuremberg (DE-NUE-A1), failover in Falkenstein (DE-FAL-B2). Backups stay in the same EU region. There is no US replication in the default flow, and no toggle that quietly enables it.
Who has access to my data?
Production access is gated by RBAC, hardware-key MFA, and a per-action audit log. The list of humans with production credentials is short — currently the founder and a small named on-call rotation. Every privileged action is logged with timestamp, IP, role, and reason.
What happens in a breach?
Detect, contain, notify within 72 hours under GDPR Art. 33, then publish a blameless postmortem within 14 days. Affected users get a direct email naming the scope, the data involved, our containment steps, and a written follow-up of remediation actions.
Are there third-party audits?
Our EU hosting provider is ISO 27001 certified at the hosting layer. BLUN · Mailing itself targets SOC 2 Type 2 in Q3 2026 — the observation period is running now. We commission an external pen-test every six months from an independent EU firm; the executive summary is available under NDA.
How do I exercise GDPR Art. 17 erasure?
Email contact@blun.ai from the address on file, or use the in-app erasure flow under Settings → Privacy. Hard delete from production completes within 30 days; backup expiry within 35 days. We confirm in writing once the cycle is done.