In compliance with GDPR, user-sensitive and personal data isn't stored in SoSafe's backend. The calculation is performed entirely in the end user's inbox, and no sensitive personal information is collected or stored by SoSafe GmbH. PhishAssist is therefore fully GDPR-compliant.