Hosting & Data

Application data (obligations, records, account profile data) is hosted on Supabase (EU region, Frankfurt am Main). The underlying Postgres database, the authentication service, and the object storage for uploaded files all run in the same region.

The static website (HTML, CSS, JS, images) is delivered via a German web host; Cloudflare sits in front as CDN/reverse proxy.

• Supabase Inc. — database, authentication, object storage; hosted in the EU (Frankfurt am Main).
• Stripe Payments Europe Ltd. (Dublin, Ireland) — payment processing. Data transfers to the USA for Stripe-internal functions are covered by Standard Contractual Clauses under Art. 46 GDPR.
• Cloudflare, Inc. — CDN, reverse proxy, DDoS protection. Technical access data (IP, HTTP headers, timestamps) is processed before reaching the hosting server.
• Web host (Germany) — delivery of static website content.

Full processor details including legal bases are in the privacy policy.

You can request a complete account export at any time via Account → Data → “Export data (ZIP)”. Included are profile data, all obligations with iterations, record metadata, and (where stored) the uploaded record files.

Pro Solo additionally offers the audit-grade evidence package (PDF/ZIP) per obligation or as a bulk export — suitable for presentation to auditors, insurers, or authorities.

Account deletion at any time via Account → Data → “Delete account”. Deletion covers all related obligations, records, exports, and uploaded files. Restoration is not possible.

Daily database snapshots by Supabase. Retention per Supabase default configuration. Backups exist exclusively for incident recovery, not for restoring deleted user data.

This page makes no compliance claim (“GDPR-compliant”, “legally certified”, “audit-proof”). PflichtPilot describes the factual status here — the legal assessment of processing in your specific use case is your responsibility (or your data protection officer’s).