Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.latitude.so/llms.txt

Use this file to discover all available pages before exploring further.

GDPR

Latitude is built with European data protection expectations in mind. Hosted Latitude stores and processes customer data and runs Latitude-managed inference in AWS eu-central-1 in Frankfurt, Germany. SDK and internal safeguards reduce PII exposure in telemetry. Latitude’s GDPR readiness review is in progress and is expected to be completed by the end of May 2026.
GDPR is a regulatory framework, not a point-in-time certification like ISO 27001 or a SOC II audit report. Latitude’s GDPR work covers documentation, operational practices, data handling, and customer-facing process readiness.

Status

AreaStatus
GDPR readiness reviewIn progress
Expected completionEnd of May 2026

Data protection approach

Latitude’s GDPR readiness work centers on:
  • AWS eu-central-1 boundary for hosted customer data and Latitude-managed inference
  • organization and project scoping for customer data
  • SDK redaction for common security-sensitive fields
  • configurable redaction for customer-specific PII patterns
  • internal controls that minimize unnecessary sensitive-data exposure
See Data protection and PII redaction for the technical controls available today.

Customer responsibilities

Customers control what telemetry they send to Latitude. To support GDPR-aligned usage, customers should:
  • avoid sending unnecessary personal data in prompts, tool outputs, metadata, or annotations
  • configure custom redaction for application-specific PII
  • scope agents and products into separate projects when their data should not mix
  • maintain an internal legal basis and retention policy for the telemetry they collect

Availability

GDPR documentation and process details will be updated as the readiness review is completed.