Security, Compliance & Professional Secrecy
ReportingGPT is operated by a licensed Wirtschaftsprüfungsgesellschaft. That means § 203 StGB criminal law confidentiality obligations, § 50a WPO IT outsourcing requirements, and dual-track contracts – not just a privacy policy.
Three-pillar protection
Technical, legal, and organisational. All three required.
German professional law demands more than just encryption. WPK guidance requires technical safeguards, contractual obligations, and organisational integration into your quality management system.
Technical safeguards
EU data residency (AWS Frankfurt, eu-central-1), AES-256 encryption at rest and TLS 1.2/1.3 in transit, stateless AI inference, and zero data retention at the model layer.
Legal & contractual
§ 203 StGB professional secrecy obligations, § 50a WPO requirements, dual-track contracts (DPA + confidentiality agreement).
Organisational measures
IDW QMS 1 integration, AI competence training (Art. 4 EU AI Act), internal AI policy, and documented review processes.
Pillar 1
Technical safeguards
EU data residency
- All data processed and stored in AWS Frankfurt (eu-central-1)
- No data transfer to non-EU regions – ever
- In-Region routing only – no Global or Cross-Region inference
Encryption
- AES-256 encryption at rest via AWS KMS
- TLS 1.2 / 1.3 for all data in transit
- Customer-managed encryption keys available
Access controls
- Role-based access control (RBAC) with least privilege
- Multi-factor authentication (MFA) mandatory
- Session management with automatic timeout
Audit logging
- AWS CloudTrail for infrastructure-level logging
- Application-level audit trail (who, what, when)
- Log retention per applicable legal requirements
AI inference isolation
- AWS Bedrock: stateless by design, no prompt storage
- AWS does not use input/output for model training
- Anthropic has zero access to customer prompts or results
- Optional model invocation logging – governance-controlled, off by default. If enabled, it writes prompts and completions to a customer-owned S3 bucket or CloudWatch log group; it is the only model-layer setting that would persist prompt content, which is why it is kept off
Backup & recovery
- Automated daily backups (AWS managed)
- Point-in-time recovery capability
- Data export in PDF + Word at any time
Pillar 2
Legal and contractual protection
The 2017 reform of § 203 StGB explicitly permitted professional secret holders to involve third parties, including external IT and cloud service providers, in their professional activity; this is the statutory basis for using cloud-hosted AI. § 50a WPO defines six cumulative requirements for IT outsourcing by auditors. ReportingGPT meets all of them.
Professional secrecy is a criminal law obligation
§ 203 Abs. 1 Nr. 3 StGB designates Wirtschaftsprüfer as Berufsgeheimnisträger (professional secret holders). Unauthorised disclosure of client secrets is punishable by up to one year of imprisonment or a fine. This is not a contractual NDA – it is German criminal law.
IT outsourcing by auditors is explicitly regulated
§ 50a WPO (introduced 2017) explicitly permits auditors to use external IT service providers – which covers cloud-hosted services such as AI inference – provided six cumulative requirements are met: careful selection, written contract, confidentiality obligation with criminal law instruction, need-to-know principle, sub-processor chain regulation, and immediate termination rights.
Dual-track contract system
Compliance requires two separate contractual tracks: a Data Processing Agreement (Auftragsverarbeitungsvertrag, AVV) under GDPR Art. 28 for personal data, and a § 203 StGB confidentiality agreement covering all client secrets – including non-personal business and trade secrets that fall outside the GDPR scope. A DPA alone is not sufficient, because the GDPR protects personal data only.
§ 50a WPO. Six requirements for IT outsourcing. All met.
- Careful selection of service provider – § 50a Abs. 2 S. 1
- Written contract (Textform) – § 50a Abs. 3 S. 1
- Confidentiality obligation with criminal law instruction – § 50a Abs. 3 S. 2 Nr. 1
- Need-to-know principle – § 50a Abs. 3 S. 2 Nr. 2
- Sub-processor chain regulation – § 50a Abs. 3 S. 2 Nr. 3
- Right to immediate termination – § 50a Abs. 2 S. 2
How it works. justReporting is your contractual counterparty.
Your contract is with justReporting GmbH Wirtschaftsprüfungsgesellschaft – not with AWS, not with Anthropic. We provide both the GDPR-compliant DPA and the § 203 StGB confidentiality agreement. AWS operates the infrastructure under our governance. Anthropic has no access to customer data whatsoever. This managed service provider model is explicitly recognised as a compliant path by the WPK and legal literature.
AWS Bedrock. How the AI actually works.
AWS Bedrock runs isolated copies of Claude models in AWS-controlled accounts. The architecture is designed so that neither AWS employees nor Anthropic can access your data.
Does Anthropic see my data?
No. AWS runs isolated "Deep Copy" instances of Claude models in AWS-owned accounts. Anthropic has zero access to these accounts, to customer prompts, or to model outputs. Anthropic receives only aggregate metadata (usage volume, token count, region).
Source: Anthropic on Bedrock Commercial Terms of Service
Does AWS store my prompts?
No. AWS Bedrock does not store or log prompts and completions unless the account owner explicitly enables model invocation logging (which we keep off). It does not use customer input/output to train any AWS models or distribute them to third parties.
Source: AWS Bedrock Data Protection documentation
Is my data used for model training?
No. Both AWS and Anthropic contractually guarantee that customer content is never used for model training. The Anthropic Commercial Terms explicitly state: "Anthropic may not train models on Customer Content from Services."
Source: Anthropic on Bedrock Commercial Terms
Where does the inference run?
Exclusively in AWS Frankfurt (eu-central-1). We call the foundation model directly in eu-central-1 (In-Region routing) and do not use cross-region inference profiles – neither the Geographic EU profile, which may serve a request from any EU region, nor the Global profile. Data never leaves the Frankfurt region during processing.
Source: AWS Bedrock Cross-Region Inference documentation
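The two properties above (in-region routing in eu-central-1, invocation logging off) are configuration facts that can be verified rather than asserted. The following is an added example written for this page, not ReportingGPT's own code: it audits a Bedrock deployment's region, model identifier and invocation-logging configuration offline, and includes an optional live fetch. The `Finding` type, the severity labels and the sample inputs are constructed for the example; the boto3 call `get_model_invocation_logging_configuration()` and the `loggingConfig` field names are the real Bedrock API. The check treats a missing `textDataDeliveryEnabled` as enabled (the API default), which is an assumption worth re-checking against current AWS documentation.

```python
"""Offline audit of a Bedrock deployment against two controls: inference
served in eu-central-1 only (no cross-region inference profile) and model
invocation logging left disabled. Added example, not ReportingGPT's code."""
import re
from dataclasses import dataclass
from typing import Any

ALLOWED_REGION = "eu-central-1"

# AWS system-defined cross-region inference profiles put a geography prefix in
# front of the model ID, e.g. "eu.anthropic.claude-..." (Geographic EU) or
# "global.anthropic.claude-...". A request to such a profile may be served from
# another region, so these must not appear in an in-region-only deployment.
CROSS_REGION_PREFIXES = ("us.", "eu.", "apac.", "global.", "us-gov.")

_ARN = re.compile(r"^arn:aws:bedrock:([a-z0-9-]+):(\d*):(.+)$")


@dataclass(frozen=True)
class Finding:
    severity: str   # "HIGH" blocks go-live, "MEDIUM" needs a documented review (constructed labels)
    message: str


def check_model_id(model_id: str) -> list[Finding]:
    """Flag model identifiers (plain ID or ARN) that would route inference outside eu-central-1."""
    findings: list[Finding] = []
    resource = model_id
    m = _ARN.match(model_id)
    if m:
        arn_region, resource = m.group(1), m.group(3)
        if arn_region != ALLOWED_REGION:
            findings.append(Finding("HIGH", f"model ARN points at {arn_region}, not {ALLOWED_REGION}"))
    if resource.startswith("application-inference-profile/"):
        # Customer-created profiles can be single-region; the ID alone does not tell.
        findings.append(Finding("MEDIUM", "application inference profile: confirm it only "
                                          f"references {ALLOWED_REGION} foundation models"))
        return findings
    profile_id = resource.removeprefix("inference-profile/").removeprefix("foundation-model/")
    if profile_id.startswith(CROSS_REGION_PREFIXES):
        findings.append(Finding("HIGH", f"'{profile_id}' is a cross-region inference profile"))
    return findings


def check_invocation_logging(logging_response: dict[str, Any]) -> list[Finding]:
    """Inspect the response of bedrock:GetModelInvocationLoggingConfiguration.

    An account that never enabled logging returns no 'loggingConfig' key. If it is
    present with text delivery on, every prompt and completion is persisted to the
    configured S3 bucket and/or CloudWatch log group."""
    cfg = logging_response.get("loggingConfig")
    if not cfg:
        return []
    sinks = [k for k in ("s3Config", "cloudWatchConfig") if cfg.get(k)]
    # Assumption: textDataDeliveryEnabled defaults to True when omitted.
    if cfg.get("textDataDeliveryEnabled", True) and sinks:
        return [Finding("MEDIUM", "model invocation logging is enabled with text delivery to "
                                  + ", ".join(sinks) + "; prompts and completions are stored")]
    return []


def check_deployment(region: str, model_id: str, logging_response: dict[str, Any]) -> list[Finding]:
    """Combine the region, model-ID and logging checks for one deployment."""
    findings: list[Finding] = []
    if region != ALLOWED_REGION:
        findings.append(Finding("HIGH", f"client region {region} is not {ALLOWED_REGION}"))
    findings += check_model_id(model_id)
    findings += check_invocation_logging(logging_response)
    return findings


def is_compliant(findings: list[Finding]) -> bool:
    return not any(f.severity == "HIGH" for f in findings)


def live_logging_response(region: str = ALLOWED_REGION) -> dict[str, Any]:
    """Fetch the real logging configuration; needs boto3 and AWS credentials."""
    import boto3  # imported lazily so the offline checks run without it
    return boto3.client("bedrock", region_name=region).get_model_invocation_logging_configuration()


if __name__ == "__main__":
    # Constructed samples: a deployment shaped like the one described above, then a misconfigured one.
    good = check_deployment("eu-central-1", "anthropic.claude-3-5-sonnet-20240620-v1:0", {})
    bad = check_deployment(
        "eu-central-1",
        "eu.anthropic.claude-3-5-sonnet-20240620-v1:0",  # Geographic EU cross-region profile
        {"loggingConfig": {"s3Config": {"bucketName": "example-bucket"}, "textDataDeliveryEnabled": True}},
    )
    print("good:", is_compliant(good), good)
    print("bad:", is_compliant(bad), *bad, sep="\n  ")
```

Running it against a live account means replacing the constructed dict with `live_logging_response()` and the model identifier with the one the application actually passes to `bedrock-runtime`; a clean run returns no findings, and any cross-region profile or text-logging sink shows up as a finding to fix before the deployment can be described as "in-region, zero retention".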
Data flow. Four boundaries, zero leakage.
- Your browser → ReportingGPT app (AWS Frankfurt): TLS 1.3 encrypted
- ReportingGPT app → AWS Bedrock: stateless inference, in-region
- AWS Bedrock → Claude model: Deep Copy, isolated in an AWS-owned account
- Claude model → Anthropic: aggregate metadata only (usage volume, token count). Zero access to prompts, responses, or customer data.
Pillar 3
Organisational measures and regulatory compliance
WPK guidance requires AI tools to be integrated into the quality management system. IDW QMS 1, the WPK FAQ on AI, and the EU AI Act define the framework.
Quality management integration
ReportingGPT is documented as an approved tool within our quality management system per IDW QMS 1 (09.2022). Quality objectives 5 (technological resources) and 7 (service provider engagement) are addressed.
WPK guidance on AI in audit practice
The WPK FAQ on AI (July 2025) confirms: AI tools are permitted if confidentiality is ensured, results are not the sole basis for professional judgement, and the tool is integrated into the quality management system. ReportingGPT is designed to meet all three requirements.
Limited risk classification
ReportingGPT is not a high-risk AI system under Art. 6 EU AI Act: it does not fall under any Annex III category. It is subject to the transparency obligations of Art. 50 (the category commonly referred to as "limited risk"), which apply from 2 August 2026 and will be implemented by then.
Auditing standard for AI systems
IDW PS 861 (03.2023) – the world's first auditing standard for AI – provides the criteria-based framework for evaluating AI systems. ReportingGPT's architecture is designed to be auditable under this standard.
Client consent (Mandanteneinwilligung)
Per § 50a Abs. 5 WPO, client consent is required when a service is used directly for a specific engagement – for example, when analysing a specific client's sustainability report with AI. Using ReportingGPT as general office infrastructure (comparable to email or DMS) does not require individual client consent. We recommend informing clients about AI usage in your engagement letter.
Enterprise readiness
Meeting corporate procurement standards
Designed to pass security reviews from regulated firms and large corporations.
Available today
- AES-256 encryption at rest – AWS KMS managed
- TLS 1.2 / 1.3 in transit – enforced on all connections
- EU data residency – AWS Frankfurt (eu-central-1) exclusively
- Multi-factor authentication – mandatory for all users
- Role-based access control – least privilege, session timeouts
- Data Processing Agreement – GDPR Art. 28, available for paid plans
- § 203 StGB protection – criminal law confidentiality, stronger than any NDA
- § 50a WPO compliance – six requirements for IT outsourcing met
- No AI training on customer data – contractually and technically guaranteed
- Audit trail – application + infrastructure level (CloudTrail)
- Sub-processor transparency – full list in DPA, notification on changes
- Data deletion on request – within 30 days, or on account closure
- Data export / portability – PDF + Word export at any time, no vendor lock-in
- Free evaluation available – full Core Review, no credit card required
- Automated daily backups – point-in-time recovery
- EU AI Act classification – limited risk, documented risk assessment
On our roadmap
- ISO 27001 certification – planned for 2027
- Penetration testing (annual) – first external pentest scheduled H2 2026
- SSO / SAML federation – Enterprise tier, planned Q4 2026
- BSI C5 attestation – under evaluation for regulated customers
- BYOK (Bring Your Own Key) – Enterprise tier, under evaluation
Need a vendor security questionnaire filled out? We complete BSI, CAIQ, or custom questionnaires. Contact us
Frequently asked questions
Security and compliance questions from auditors
How does ReportingGPT handle § 203 StGB professional secrecy?
justReporting GmbH WPG is a Berufsgeheimnisträger under § 203 Abs. 1 Nr. 3 StGB and meets all § 50a WPO requirements for IT outsourcing. AWS does not currently offer a dedicated § 203 confidentiality agreement (unlike Microsoft or DATEV). We rely on AWS Bedrock's stateless architecture – no prompts, no completions, no data stored at the model layer – combined with our dual-track contract system. We are transparent about this distinction.
Does my audit team need client consent to use ReportingGPT?
Per § 50a Abs. 5 WPO, client consent (Mandanteneinwilligung) is required when the tool is used directly for a specific engagement – for example, reviewing a specific client's sustainability report. Using ReportingGPT as general office infrastructure does not require individual consent. We recommend adding an AI disclosure clause to your engagement letter.
Where is my data stored and processed?
Exclusively in AWS Frankfurt (eu-central-1). We use In-Region routing only – not Geographic EU and not Global routing. Your data never leaves the Frankfurt region during processing. All data at rest is encrypted with AES-256 via AWS KMS.
Can AWS or Anthropic access my uploaded reports?
No. AWS Bedrock runs isolated "Deep Copy" instances of Claude models. AWS does not store or log prompts and completions. Anthropic has zero access to these AWS-owned accounts, to customer prompts, or to model outputs. Anthropic receives only aggregate metadata (usage volume, token count, region).
Is my data used to train AI models?
No – both contractually and technically. AWS Bedrock does not use customer input/output for model training. The Anthropic Commercial Terms explicitly state: "Anthropic may not train models on Customer Content from Services." ReportingGPT's own quality improvements use only approved, anonymised reference comments (RAG), never raw client data.
What contracts do I need to sign?
Two separate agreements: (1) A Data Processing Agreement (AVV) under GDPR Art. 28 for personal data, and (2) a § 203 StGB confidentiality agreement covering all client secrets – including non-personal business and trade secrets. A DPA alone is not sufficient for Berufsgeheimnisträger. Both are available for paid plans.
How is ReportingGPT classified under the EU AI Act?
ReportingGPT is not a high-risk AI system under Art. 6 EU AI Act and does not fall under any Annex III category; it is subject to the transparency obligations of Art. 50 (commonly called "limited risk"), which apply from 2 August 2026 and will be implemented by then. A documented risk assessment is available on request.
Can I get a vendor security questionnaire filled out?
Yes. We complete BSI, CAIQ (Cloud Security Alliance), or custom security questionnaires for enterprise customers. Contact us at hello@justreporting.eu with your questionnaire template.
Questions about our security architecture?
We walk you through our technical and organisational measures, provide DPA and § 203 agreements, or complete your vendor security questionnaire.